An RCE vulnerability exists in an ERP system - Code World

An RCE vulnerability exists in an ERP system

Mobile 2023-10-07 04:06:33 views: null

Article directory

Preface
statement
1. Product introduction
2. Assets affected
3. Asset discovery
4. Vulnerability testing
5. Repair plan

Preface

There is an RCE vulnerability in the ERP system of the carton manufacturing industry, and attackers can obtain sensitive information through specific payload injection.

statement

Please do not use the relevant technologies in this article to engage in illegal testing. Any direct or indirect consequences and losses caused by the dissemination and use of the information or tools provided in this article are the responsibility of the user himself. All adverse consequences and The author of the article is irrelevant. This article is for educational purposes only.

1. Product introduction

The ERP system of the manufacturing carton industry involves all aspects of carton enterprise management, including cost accounting, quotation and pricing, order placement, production scheduling, on-site management, finished product warehousing, shipping and distribution, full business process financial settlement, and quality management throughout. Elevate the management level of carton enterprises to a new level and realize the management concepts of accurate calculation, reasonable planning, efficient supervision, division of labor and cooperation, and full communication.

2. Assets affected

企望ERP系统

3. Asset discovery

fofa：title="企望制造ERP系统"
hunter：app.name="企望制造ERP"

Guess you like

Origin blog.csdn.net/weixin_46944519/article/details/132870575

An RCE vulnerability exists in an ERP system

Hope to manufacture ERP system RCE vulnerability recurrence (HW0day)

ThinkPHP 5.0 version exists getshell vulnerability php_rce

Code execution vulnerability exists convenient search system

Vulnerability recurrence - arbitrary file reading exists in a certain interface of a friend's CRM system (with vulnerability detection script attached)

fastjson deserialization RCE Vulnerability

RCE vulnerability of pikachu

DingTalk RCE Vulnerability

An interface exists Weaver e-cology OA system configuration database information disclosure vulnerability reproduction

fastjson of RCE vulnerability reproduced record

spark unauthorized RCE vulnerability study

Webmin <= 1.920 RCE vulnerability reproduction

Solr-rce vulnerability reproduction

[Vulnerability reproduction] Apache Solr RCE

SpringBoot Actuator RCE Vulnerability Summary

Pikachu vulnerability exercise platform experiment --RCE (V)

Solr 8.2.0 latest RCE vulnerability reproduction

CTFHUB - RCE eval execution and file inclusion vulnerability

PhpStudy2016-2018-RCE vulnerability recurrence

spring cloud SnakeYAML RCE vulnerability recurrence

whitelabel error page SpEL RCE vulnerability reproduction

JD-FreeFuck background RCE vulnerability

CVE Vulnerability Reappearance-CVE-2022-22965-Spring-RCE Vulnerability

What is erp system software

The effect of ERP system on enterprises

[Vulnerability Recurrence] Huaxia ERP account password leaked

What is an ERP system? One article to understand ERP system

odoo ERP system installation and use

ERP system in the end what to do?

ERP Invoicing system source code

Recommended

The “35-year-old curse” of Chinese coders

蘭雅 CorelDRAW 插件 2024.5.1 国际劳动节版，免费下载

Ranking

Methods and Practices of Manufacturing Data Quality Improvement

Serial port upgrade program for efficient transmission of large firmware

Use KITTI to run LIOSAM and complete the EVO evaluation

Calling methods on string literals (Java)

ActiveMQ and Spring integration (4)

You have to know the HTTPS! ! !

PAT whether Structures and Algorithms 7-4 with a binary search tree (40 rows streamlined structure)

el-upload brings request background

UVA - 1204 Fun Game-like pressure dp

2019-12-28

Daily

More

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)

2024-04-30(36)

2024-04-29(5)

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)