mirror of https://github.com/qwqdanchun/Goby.git
108 lines
3.6 KiB
JSON
108 lines
3.6 KiB
JSON
{
|
||
"Name": "Evolucare Ecs imaging RCE (CVE-2021-3029)",
|
||
"Description": "<p>Storage • Sharing • Viewing Storage Medical images and videos Multimedia files for all specialisms EVOLUCARE Medical Imaging is a division of Evolucare Technologies Group, editing software for the world of healthcare since 1996. Secure web access and teleradiology Remote access to results EVOLUCARE Medical Imaging sells modular, evolving, secure solutions that have been developed around the latest web technologies.<p>An attacker can use this vulnerability to log in to the background of the system and obtain administrator privileges, which clearly and detailedly present the application management situation.</p></p>",
|
||
"Product": "Evolucare Ecs imaging",
|
||
"Homepage": "https://pdf.medicalexpo.com/pdf/evolucare/ecs-imaging/77948-133886.html",
|
||
"DisclosureDate": "2022-03-01",
|
||
"Author": "AnMing",
|
||
"FofaQuery": "body=\"ECSimaging\"",
|
||
"GobyQuery": "body=\"ECSimaging\"",
|
||
"Level": "3",
|
||
"Impact": "<p>Evolucare Ecs imaging has an RCE vulnerability. An attacker can use this vulnerability to log in to the background of the system and obtain administrator privileges, which clearly and detailedly present the application management situation.</p>",
|
||
"Recommendation": "<p>厂商已提供漏洞修补方案,请关注厂商主页及时更新:<a href=\"https://pdf.medicalexpo.com\">https://pdf.medicalexpo.com</a></p>",
|
||
"References": [
|
||
"https://poc.shuziguanxing.com/#/publicIssueInfo#issueId=5504",
|
||
"https://nvd.nist.gov/vuln/detail/CVE-2021-3029"
|
||
],
|
||
"Translation": {
|
||
"CN": {
|
||
"Name": "Evolucare Ecs imaging 命令执行漏洞(CVE-2021-3029)",
|
||
"Product": "Evolucare Ecs imaging",
|
||
"VulType": [
|
||
"命令执行"
|
||
],
|
||
"Tags": [
|
||
"命令执行"
|
||
],
|
||
"Description": "<p>Evolucare Ecs imaging是一款存储、共享、查看医疗图像及视频相关多媒体文件的医疗保健领域编辑软件。<p>Evolucare Ecs imaging存在命令执行漏洞。攻击者可利用该漏执行root权限的任意代码。</p></p>",
|
||
"Impact": "<p>Evolucare Ecs imaging存在命令执行漏洞。攻击者可利用该漏执行root权限的任意代码。</p>",
|
||
"Recommendation": "<p>厂商已提供漏洞修补方案,请关注厂商主页及时更新:<a href=\"https://pdf.medicalexpo.com\">https://pdf.medicalexpo.com</a></p>"
|
||
}
|
||
},
|
||
"Is0day": false,
|
||
"HasExp": true,
|
||
"ExpParams": [
|
||
{
|
||
"name": "cmd",
|
||
"type": "input",
|
||
"value": "id",
|
||
"show": ""
|
||
}
|
||
],
|
||
"ExpTips": {
|
||
"Type": "",
|
||
"Content": ""
|
||
},
|
||
"ScanSteps": [
|
||
"AND",
|
||
{
|
||
"Request": {
|
||
"method": "POST",
|
||
"uri": "/test.php",
|
||
"follow_redirect": true,
|
||
"header": {},
|
||
"data_type": "text",
|
||
"data": ""
|
||
},
|
||
"ResponseTest": {
|
||
"type": "group",
|
||
"operation": "AND",
|
||
"checks": [
|
||
{
|
||
"type": "item",
|
||
"variable": "$code",
|
||
"operation": "==",
|
||
"value": "200",
|
||
"bz": ""
|
||
},
|
||
{
|
||
"type": "item",
|
||
"variable": "$body",
|
||
"operation": "contains",
|
||
"value": "test",
|
||
"bz": ""
|
||
}
|
||
]
|
||
},
|
||
"SetVariable": [
|
||
"username|lastbody|regex|admin"
|
||
]
|
||
}
|
||
],
|
||
"ExploitSteps": [
|
||
""
|
||
],
|
||
"Tags": [
|
||
"rce"
|
||
],
|
||
"VulType": [
|
||
"rce"
|
||
],
|
||
"CVEIDs": [
|
||
"CVE-2021-3029"
|
||
],
|
||
"CNNVD": [
|
||
"CNNVD-202101-409"
|
||
],
|
||
"CNVD": [
|
||
"CNVD-2021-73655"
|
||
],
|
||
"CVSSScore": "9.8",
|
||
"AttackSurfaces": {
|
||
"Application": null,
|
||
"Support": null,
|
||
"Service": null,
|
||
"System": null,
|
||
"Hardware": null
|
||
}
|
||
} |