mirror of
https://github.com/gobysec/GobyVuls.git
synced 2025-05-06 02:31:35 +00:00
246 KiB
246 KiB
[# Goby History Update Vulnerability Total Document (Continuously Update) The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
Updated document date: Jul 21, 2023
SANGFOR-IOMS catjs.php File Read Vulnerability
| Vulnerability | SANGFOR-IOMS catjs.php File Read Vulnerability |
|---|---|
| Chinese name | 深信服上网优化管理系统 catjs.php 文件读取漏洞 |
| CVSS core | 6.0 |
| FOFA Query (click to view the results directly) | title="SANGFOR上网优化管理" |
| Number of assets affected | 97 |
| Description | Convinced by the Internet optimization management system deployment does not need to be adjusted, and transparent bridging mode is supported in organizational networks. At the same time, Intranet users can directly access the Internet regardless of any changes and maintain the original Internet access habits. This enables all data centers, links, and servers to be fully utilized.catjs.php file has any file reading vulnerability, through which an attacker can download any file in the server and leak sensitive information of the server. |
| Impact | Attackers can use this vulnerability to read important server files, such as system configuration files, database configuration files, and so on, causing the website to be in an extremely insecure state. |
Command Execution Vulnerability in Hikvision Operations Management Center
| Vulnerability | Command Execution Vulnerability in Hikvision Operations Management Center |
|---|---|
| Chinese name | 海康运行管理中心命令执行漏洞 |
| CVSS core | 9.6 |
| FOFA Query (click to view the results directly) | header="X-Content-Type-Options: nosniff" && body="<h1>Welcome to OpenResty!</h1>" && header="X-Xss-Protection: 1; mode=block" |
| Number of assets affected | 5905 |
| Description | Hikvision is a video-centric provider of intelligent IoT solutions and big data services. A command execution vulnerability exists in the operation and management center system of Hangzhou Hikvision Digital Technology Co. An attacker could use the vulnerability to gain server privileges. |
| Impact | The latest version has fixed the vulnerability, upgrade the system version to the latest version :https://www.hikvision.com/cn/19th-asian-games/isecure-center/?q=%E6%B5%B7%E5%BA%B7%E5%9F%9F%E8%A7%81%E7%BB%BC%E5%90%88%E5%AE%89%E9%98%B2%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0 |
Netgod SecGate 3600 Firewall obj_area_import_save File Upload Vulnerability
| Vulnerability | Netgod SecGate 3600 Firewall obj_area_import_save File Upload Vulnerability |
|---|---|
| Chinese name | 网神 SecGate 3600 防火墙 obj_area_import_save 文件上传漏洞 |
| CVSS core | 10.0 |
| FOFA Query (click to view the results directly) | title="网神SecGate 3600防火墙" |
| Number of assets affected | 725 |
| Description | Netgod SecGate 3600 firewall is a composite hardware firewall based on status detection packet filtering and application level agents. It is a new generation of professional firewall equipment specially developed for large and medium-sized enterprises, governments, military, universities and other users. It supports external attack prevention, internal network security, network access control, network traffic monitoring and bandwidth management, dynamic routing, web content filtering, email content filtering, IP conflict detection and other functions, It can effectively ensure the security of the network; The product provides flexible network routing/bridging capabilities, supports policy routing and multi outlet link aggregation; It provides a variety of intelligent analysis and management methods, supports email alarm, supports log audit, provides comprehensive network management monitoring, and assists network administrators in completing network security management.There is a file upload vulnerability in SecGate 3600 firewall, which allows attackers to gain server control permissions. |
| Impact | There is a file upload vulnerability in SecGate 3600 firewall, which allows attackers to gain server control permissions. |
Netgod SecGate 3600 Firewall obj_area_import_save File Upload Vulnerability
| Vulnerability | Netgod SecGate 3600 Firewall app_av_import_save File Upload Vulnerability |
|---|---|
| Chinese name | 网神 SecGate 3600 防火墙 app_av_import_save 文件上传漏洞 |
| CVSS core | 10.0 |
| FOFA Query (click to view the results directly) | title="网神SecGate 3600防火墙" |
| Number of assets affected | 725 |
| Description | Netgod SecGate 3600 firewall is a composite hardware firewall based on status detection packet filtering and application level agents. It is a new generation of professional firewall equipment specially developed for large and medium-sized enterprises, governments, military, universities and other users. It supports external attack prevention, internal network security, network access control, network traffic monitoring and bandwidth management, dynamic routing, web content filtering, email content filtering, IP conflict detection and other functions, It can effectively ensure the security of the network; The product provides flexible network routing/bridging capabilities, supports policy routing and multi outlet link aggregation; It provides a variety of intelligent analysis and management methods, supports email alarm, supports log audit, provides comprehensive network management monitoring, and assists network administrators in completing network security management.There is a file upload vulnerability in SecGate 3600 firewall, which allows attackers to gain server control permissions. |
| Impact | There is a file upload vulnerability in SecGate 3600 firewall, which allows attackers to gain server control permissions. |
Kingdee Apusic Application Server deployApp Arbitrary File Upload Vulnerability
| Vulnerability | Kingdee Apusic Application Server deployApp Arbitrary File Upload Vulnerability |
|---|---|
| Chinese name | Apusic应用服务器 deployApp 任意文件上传漏洞 |
| CVSS core | 9.8 |
| FOFA Query (click to view the results directly) | title="Apusic应用服务器" |
| Number of assets affected | 232 |
| Description | Kingdee Apusic application server is the first pure Java application server in China with its own intellectual property rights following the J2EE standard.There is an arbitrary file upload vulnerability in the deployApp interface of the Kingdee Apusic application server. Attackers can use double slashes to bypass authentication and upload malicious compressed packages to take over server permissions. |
| Impact | There is an arbitrary file upload vulnerability in the deployApp interface of the Kingdee Apusic application server. Attackers can use double slashes to bypass authentication and upload malicious compressed packages to take over server permissions. |
DOCBOX dynamiccontent.properties.xhtml Remote Code Execution Vulnerability
| Vulnerability | DOCBOX dynamiccontent.properties.xhtml Remote Code Execution Vulnerability |
|---|---|
| Chinese name | DOCBOX dynamiccontent.properties.xhtml 文件 cmd 参数远程代码执行漏洞 |
| CVSS core | 9.0 |
| FOFA Query (click to view the results directly) | body="docbox.webapp" |
| Number of assets affected | 657 |
| Description | DOCBOX is a solution that can improve healthcare, is easy to use, and is based on a secure, open system.There is a code execution vulnerability in the javax.faces.resource of the DOCBOX system, and an attacker can execute arbitrary code to obtain server permissions. |
| Impact | There is a code execution vulnerability in the javax.faces.resource of the DOCBOX system, and an attacker can execute arbitrary code to obtain server permissions. |
Kingdee-EAS easWebClient Arbitrary File Download Vulnerability
| Vulnerability | Kingdee-EAS easWebClient Arbitrary File Download Vulnerability |
|---|---|
| Chinese name | 金蝶-EAS easWebClient 任意文件下载漏洞 |
| CVSS core | 7.5 |
| FOFA Query (click to view the results directly) | body="easSessionId" || header="easportal" || header="eassso/login" || banner="eassso/login" || body="/eassso/common" || (title="EAS系统登录" && body="金蝶") |
| Number of assets affected | 255 |
| Description | Kingdee-EAS is a leading enterprise management system, which helps enterprises to build an integrated platform for industry, treasury, tax and invoice files, covering human resource management, tax management, financial sharing, procurement management, inventory management, production and manufacturing, etc.There is an arbitrary file reading vulnerability in Kingdee-EAS easWebClient, and attackers can read sensitive configuration file information such as config.jar. |
| Impact | There is an arbitrary file reading vulnerability in Kingdee-EAS easWebClient, and attackers can read sensitive configuration file information such as config.jar. |
seeyon M1 Server userTokenService Code Execution Vulnerability
| Vulnerability | seeyon M1 Server userTokenService Code Execution Vulnerability |
|---|---|
| Chinese name | 致远 M1 移动端 userTokenService 代码执行漏洞 |
| CVSS core | 10.0 |
| FOFA Query (click to view the results directly) | title=="M1-Server 已启动" |
| Number of assets affected | 7050 |
| Description | Seeyon M1 Server is a mobile device.Seeyon M1 Server userTokenService code execution vulnerability, attackers can arbitrarily execute code on the server side, write back door, obtain server permissions, and then control the entire web server. |
| Impact | Seeyon M1 Server userTokenService code execution vulnerability, attackers can arbitrarily execute code on the server side, write back door, obtain server permissions, and then control the entire web server. |
Yonyou KSOA QueryService SQL Injection vulnerability
| Vulnerability | Yonyou KSOA QueryService SQL Injection vulnerability |
|---|---|
| Chinese name | 用友时空 KSOA QueryService 处 content 参数 SQL 注入漏洞 |
| CVSS core | 10.0 |
| FOFA Query (click to view the results directly) | body="onmouseout="this.classname='btn btnOff'"" |
| Number of assets affected | 3995 |
| Description | Yonyou KSOA spacetime is based on the KSOA concept under the guidance of research and development of a new generation of products, is according to the forefront of circulation enterprises IT requirements to launch the unification of the IT infrastructure, IT can make circulation enterprises established between IT systems in different historical periods, relaxed conversation with each other, help circulation enterprises to protect the existing IT investments, simplify IT management, enhance competition ability, Ensure that the overall strategic objectives and innovation activities of the enterprise are achieved. SQL injection vulnerability exists in some function of Yonyou spatio-temporal KSOA, which can be used by attackers to obtain database sensitive information. |
| Impact | In addition to using SQL injection vulnerability to obtain information in the database (for example, administrator background password, site user personal information), the attacker can even write Trojan horse to the server in the case of high permission to further obtain server system permission. |
Qi An Xin Tianqing Terminal Security Management System information disclosure vulnerability
| Vulnerability | Qi An Xin Tianqing Terminal Security Management System information disclosure vulnerability |
|---|---|
| Chinese name | 奇安信天擎终端安全管理系统信息泄露漏洞 |
| CVSS core | 5.6 |
| FOFA Query (click to view the results directly) | title="新天擎" |
| Number of assets affected | 574 |
| Description | Tianqing Terminal Security Management System is an integrated terminal security product solution for government and enterprise units.Tianqing Terminal Security Management System has an information disclosure vulnerability,the attacker reads the sensitive information of the system by constructing a special URL address. |
| Impact | Tianqing Terminal Security Management System has an information disclosure vulnerability,the attacker reads the sensitive information of the system by constructing a special URL address. |
Tianqing terminal security management system YII_CSRF_TOKEN remote code execution vulnerability
| Vulnerability | Tianqing terminal security management system YII_CSRF_TOKEN remote code execution vulnerability |
|---|---|
| Chinese name | 天擎终端安全管理系统 YII_CSRF_TOKEN 远程代码执行漏洞 |
| CVSS core | 9.8 |
| FOFA Query (click to view the results directly) | title="360新天擎" || body="appid":"skylar6" || body="/task/index/detail?id={item.id}" || body="已过期或者未授权,购买请联系4008-136-360" || title="360天擎" || title="360天擎终端安全管理系统" |
| Number of assets affected | 875 |
| Description | Qi Anxin Tianqing is a terminal security management system (referred to as "Tianqing") product of Qi Anxin Group dedicated to integrated terminal security solutions.The web part of Qi'an Xintianqing terminal security management system uses the yii framework. This version of the framework has its own deserialization entry point, and the attacker can execute arbitrary code to obtain server permissions. |
| Impact | The web part of Qi'an Xintianqing terminal security management system uses the yii framework. This version of the framework has its own deserialization entry point, and the attacker can execute arbitrary code to obtain server permissions. |
91skzy Enterprise process control system login File Read vulnerability
| Vulnerability | 91skzy Enterprise process control system login File Read vulnerability |
|---|---|
| Chinese name | 时空智友企业流程化管控系统 login 文件读取漏洞 |
| CVSS core | 9.0 |
| FOFA Query (click to view the results directly) | body="企业流程化管控系统" && body="密码(Password):" |
| Number of assets affected | 1467 |
| Description | Spatiotemporal Intelligent Friend enterprise process management and control system is a system that uses JAVA development to provide process management and control for enterprises.Spatiotemporal Zhiyou enterprise process control system login file read vulnerability, attackers can use the vulnerability to obtain sensitive information of the system. |
| Impact | Spatiotemporal Zhiyou enterprise process control system login file read vulnerability, attackers can use the vulnerability to obtain sensitive information of the system. |
91skzy Enterprise process control system formservice File Upload vulnerability
| Vulnerability | 91skzy Enterprise process control system formservice File Upload vulnerability |
|---|---|
| Chinese name | 时空智友企业流程化管控系统 formservice 文件上传漏洞 |
| CVSS core | 9.0 |
| FOFA Query (click to view the results directly) | body="企业流程化管控系统" && body="密码(Password):" |
| Number of assets affected | 1467 |
| Description | Spatiotemporal Intelligent Friend enterprise process management and control system is a system that uses JAVA development to provide process management and control for enterprises.Spatiotemporal Zhiyou enterprise process control system formservice file upload vulnerability, attackers can use the vulnerability to obtain system permissions. |
| Impact | Spatiotemporal Zhiyou enterprise process control system formservice file upload vulnerability, attackers can use the vulnerability to obtain system permissions. |
Glodon-Linkworks GetUserByEmployeeCode employeeCode SQL Injection Vulnerability
| Vulnerability | Glodon-Linkworks GetUserByEmployeeCode employeeCode SQL Injection Vulnerability |
|---|---|
| Chinese name | 广联达-Linkworks 协同办公管理平台 GetUserByEmployeeCode 文件 employeeCode 参数 SQL注入漏洞 |
| CVSS core | 7.5 |
| FOFA Query (click to view the results directly) | body="Services/Identification/login.ashx" || header="Services/Identification/login.ashx" || banner="Services/Identification/login.ashx" |
| Number of assets affected | 27341 |
| Description | Glodon-Linkworks collaborative office management platform is a management system that focuses on the entire life cycle of engineering projects and provides customers with digital software and hardware products and solutions.Glodon-Linkworks collaborative office management platform GetUserByEmployeeCode has a SQL injection vulnerability, and attackers can obtain sensitive information such as usernames and passwords. |
| Impact | Glodon-Linkworks collaborative office management platform GetUserByEmployeeCode has a SQL injection vulnerability, and attackers can obtain sensitive information such as usernames and passwords. |
Huatian-OA8000 MyHttpServlet reportFile Arbitrary File Upload Vulnerability
| Vulnerability | Huatian-OA8000 MyHttpServlet reportFile Arbitrary File Upload Vulnerability |
|---|---|
| Chinese name | 华天动力-OA8000 MyHttpServlet 文件 reportFile 参数文件上传漏洞 |
| CVSS core | 8.6 |
| FOFA Query (click to view the results directly) | body="/OAapp/WebObjects/OAapp.woa" |
| Number of assets affected | 2226 |
| Description | Huatian-OA8000 is a combination of advanced management ideas, management models, software technology and network technology, providing users with a low-cost, high-efficiency collaborative office and management platform.There is an arbitrary file upload vulnerability in Huatian Power OA MyHttpServlet. Attackers can upload malicious raq files and execute arbitrary sql statements in the raq files to obtain sensitive information such as user account passwords. |
| Impact | There is an arbitrary file upload vulnerability in Huatian Power OA MyHttpServlet. Attackers can upload malicious raq files and execute arbitrary sql statements in the raq files to obtain sensitive information such as user account passwords. |
Ruijie WEB Management System EXCU_SHELL Information Disclosure Vulnerability
| Vulnerability | Ruijie WEB Management System EXCU_SHELL Information Disclosure Vulnerability |
|---|---|
| Chinese name | 锐捷交换机 WEB 管理系统 EXCU_SHELL 信息泄露漏洞 |
| CVSS core | 7.5 |
| FOFA Query (click to view the results directly) | body="img/free_login_ge.gif" && body="./img/login_bg.gif" |
| Number of assets affected | 912 |
| Description | Ruijie WEB management system is a switch device widely used in government, education, finance, medical and health care, and enterprises.Ruijie WEB management system EXCU_SHELL has an information leakage vulnerability, and attackers can obtain sensitive information such as system passwords to further control the system. |
| Impact | Ruijie WEB management system EXCU_SHELL has an information leakage vulnerability, and attackers can obtain sensitive information such as system passwords to further control the system. |
RSeeyou-OA wpsAssistServlet templateUrl Arbitrary File Read Vulnerability
| Vulnerability | Seeyou-OA wpsAssistServlet templateUrl Arbitrary File Read Vulnerability |
|---|---|
| Chinese name | 致远互联-OA wpsAssistServlet 文件 templateUrl 参数任意文件读取漏洞 |
| CVSS core | 7.5 |
| FOFA Query (click to view the results directly) | body="/seeyon/USER-DATA/IMAGES/LOGIN/login.gif" || title="用友致远A" || (body="/yyoa/" && body!="本站内容均采集于") || header="path=/yyoa" || server=="SY8044" || (body="A6-V5企业版" && body="seeyon" && body="seeyonProductId") || (body="/seeyon/common/" && body="var _ctxpath = '/seeyon'") || (body="A8-V5企业版" && body="/seeyon/") || banner="Server: SY8044" |
| Number of assets affected | 53406 |
| Description | Seeyou-OA is a collaborative office software that digitally builds the digital collaborative operation platform of enterprises and provides one-stop big data analysis solutions for various business scenarios of enterprises.Seeyou-OA wpsAssistServlet has arbitrary file reading vulnerabilities, and attackers can read sensitive information such as system passwords to further control the system. |
| Impact | Seeyou-OA wpsAssistServlet has arbitrary file reading vulnerabilities, and attackers can read sensitive information such as system passwords to further control the system. |
koronsoft AIO management system UtilServlet fileName File Read vulnerability
| Vulnerability | koronsoft AIO management system UtilServlet fileName File Read vulnerability |
|---|---|
| Chinese name | 科荣 AIO 管理系统 UtilServlet 文件 fileName 参数文件读取漏洞 |
| CVSS core | 9.0 |
| FOFA Query (click to view the results directly) | body="changeAccount('8000')" |
| Number of assets affected | 1976 |
| Description | KoronsoftAIO management system is a very excellent enterprise management tool.The UtilServlet file reading vulnerability of koronsoftAIO management system can be used to obtain sensitive information of the system. |
| Impact | The UtilServlet file reading vulnerability ofkoronsoftAIO management system can be used to obtain sensitive information of the system. |
91skzy Enterprise process control system wc.db Information Disclosure vulnerability
| Vulnerability | 91skzy Enterprise process control system wc.db Information Disclosure vulnerability |
|---|---|
| Chinese name | 时空智友企业流程化管控系统 wc.db 文件信息泄露漏洞 |
| CVSS core | 9.0 |
| FOFA Query (click to view the results directly) | body="企业流程化管控系统" && body="密码(Password):" |
| Number of assets affected | 1213 |
| Description | Spatiotemporal Intelligent Friend enterprise process management and control system is a system that uses JAVA development to provide process management and control for enterprises.Spatiotemporal Wisdom enterprise process control system wc.db information leakage vulnerability, attackers can use the vulnerability to obtain sensitive information of the system. |
| Impact | Spatiotemporal Wisdom enterprise process control system wc.db information leakage vulnerability, attackers can use the vulnerability to obtain sensitive information of the system. |
Kingdee Cloud Starry Sky-Management Center Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc Arbitrary Code Execution Vulnerability
| Vulnerability | Kingdee Cloud Starry Sky-Management Center Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc Arbitrary Code Execution Vulnerability |
|---|---|
| Chinese name | 金蝶云星空 Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc 任意代码执行漏洞 |
| CVSS core | 9.8 |
| FOFA Query (click to view the results directly) | title="金蝶云星空" |
| Number of assets affected | 6729 |
| Description | Kingdee Cloud Starry Sky-Management Center is based on a leading assembleable low-code PaaS platform, which comprehensively serves customers' transformation in R&D, production, marketing, supply chain, finance and other fields.There is a deserialization vulnerability in the Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc interface of Kingdee Cloud Star-Management Center, and an attacker can execute arbitrary commands to obtain server permissions. |
| Impact | There is a deserialization vulnerability in the Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc interface of Kingdee Cloud Star-Management Center, and an attacker can execute arbitrary commands to obtain server permissions. |
Chanjet T+ DownloadProxy.aspx Path File Read Vulnerability
| Vulnerability | Chanjet T+ DownloadProxy.aspx Path File Read Vulnerability |
|---|---|
| Chinese name | 畅捷通T+ DownloadProxy.aspx 文件 Path 参数文件读取漏洞 |
| CVSS core | 7.5 |
| FOFA Query (click to view the results directly) | body="> |