mirror of https://github.com/qwqdanchun/Goby.git
46 lines
1.4 KiB
JSON
46 lines
1.4 KiB
JSON
{
|
||
"Name": "Weaver-EMobile login.do Struts2 RCE",
|
||
"Description": "'E-Mobile' is a platform which t by Shanghai Weaver Network Co., LTD.Users can read and deal with workflow、news、contacts and other kinds of information of OA by Weaver’s “E-Mobile” plarform on mobile.It can meet the needs of those who use Weaver’s OA System to deal with the information on Mobile Office",
|
||
"Product": "Weaver",
|
||
"Homepage": "https://www.weaver.com.cn/",
|
||
"DisclosureDate": "2021-05-23",
|
||
"Author": "李大壮",
|
||
"FofaQuery": "product=\"Weaver-EMobile\"",
|
||
"Level": "3",
|
||
"Impact": "<p>An attacker can exploit this vulnerability to cause remote code execution</p>",
|
||
"References": [],
|
||
"HasExp": true,
|
||
"ExpParams": [
|
||
{
|
||
"name": "cmd",
|
||
"type": "input",
|
||
"value": "whoami"
|
||
}
|
||
],
|
||
"ExpTips": {
|
||
"Type": "",
|
||
"Content": ""
|
||
},
|
||
"ScanSteps": [
|
||
"AND"
|
||
],
|
||
"ExploitSteps": null,
|
||
"Tags": [
|
||
"RCE"
|
||
],
|
||
"CVEIDs": null,
|
||
"CVSSScore": "0.0",
|
||
"AttackSurfaces": {
|
||
"Application": [
|
||
"Weaver-EMobile"
|
||
],
|
||
"Support": null,
|
||
"Service": null,
|
||
"System": [
|
||
"Resin"
|
||
],
|
||
"Hardware": null
|
||
},
|
||
"GobyQuery": "product=\"Weaver-EMobile\"",
|
||
"Recommandation": "<p>An official patch has been released to fix this vulnerability. Affected users can also take the following protective measures for temporary protection against this vulnerability.<br></p>"
|
||
} |