qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/FileRun-2021.03.26-Auth-RCE...

60 lines
3.9 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "FileRun 2021.03.26 Auth RCE (CVE-2021-35504)",
"Description": "<p>FlieRun is a simple, powerful and beautiful management system for file sharing.</p><p>The version of FileRun management system prior to 2021.03.26 has a remote code execution vulnerability in the back-end ffmpeg inspection path. Attackers can use this vulnerability to gain control of the server.</p>",
"Product": "FileRun",
"Homepage": "https://filerun.com",
"DisclosureDate": "2021-09-22",
"Author": "1291904552@qq.com",
"FofaQuery": "body=\"market://details?id=com.afian.FileRun\"",
"GobyQuery": "body=\"market://details?id=com.afian.FileRun\"",
"Level": "2",
"Impact": "<p>The version of FileRun management system prior to 2021.03.26 has a remote code execution vulnerability in the back-end ffmpeg inspection path. Attackers can use this vulnerability to gain control of the server.</p>",
"Recommandation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"http://blog.filerun.com/security-update-released-2021-06-27\">http://blog.filerun.com/security-update-released-2021-06-27</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2. If not necessary, prohibit public network access to the system.</p>",
"Translation": {
"CN": {
"Name": "FileRun 管理系统2021.03.26版本后台命令执行漏洞 CVE-2021-35504",
"VulType": ["命令执行"],
"Tags": ["命令执行"],
"Description": "<p>FlieRun是一款简单、强大、美观用于文件共享的管理系统。</p><p>FileRun管理系统2021.03.26之前的版本后台ffmpeg检查路径处存在远程代码执行漏洞攻击者可利用该漏洞获取服务器控制权限。</p>",
"Impact": "<p>FileRun管理系统2021.03.26之前的版本后台ffmpeg检查路径处存在远程代码执行漏洞攻击者可利用该漏洞获取服务器控制权限。</p>",
"Product": "FileRun",
"Recommendation": "<p>⼚商已发布了漏洞修复程序,请及时关注更新: <a href=\"http://blog.filerun.com/security-update-released-2021-06-27\">http://blog.filerun.com/security-update-released-2021-06-27</a></p><p>1、通过防⽕墙等安全设备设置访问策略设置⽩名单访问。</p><p>2、如⾮必要禁⽌公⽹访问该系统。</p>"
},
"EN": {
"Name": "FileRun 2021.03.26 Auth RCE (CVE-2021-35504)",
"VulType": ["rce"],
"Tags": ["rce"],
"Description": "<p>FlieRun is a simple, powerful and beautiful management system for file sharing.</p><p>The version of FileRun management system prior to 2021.03.26 has a remote code execution vulnerability in the back-end ffmpeg inspection path. Attackers can use this vulnerability to gain control of the server.</p>",
"Impact": "<p>The version of FileRun management system prior to 2021.03.26 has a remote code execution vulnerability in the back-end ffmpeg inspection path. Attackers can use this vulnerability to gain control of the server.</p>",
"Product": "FileRun",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"http://blog.filerun.com/security-update-released-2021-06-27\">http://blog.filerun.com/security-update-released-2021-06-27</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.If not necessary, prohibit public network access to the system.</p>"
}
},
"References": [
"https://syntegris-sec.github.io/filerun-advisory"
],
"HasExp": true,
"ExpParams": [
{
"name": "cmd",
"type": "input",
"value": "id"
}
],
"ExpTips": null,
"ScanSteps": null,
"ExploitSteps": null,
"Tags": [
"rce"
],
"VulType": ["rce"],
"CVEIDs": ["CVE-2021-35504","CVE-2021-35505"],
"CVSSScore": "8.0",
"AttackSurfaces": {
"Application": ["FileRun"],
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink