Apache SSI Remote Command Execution Vulnerability - Code World

Apache SSI Remote Command Execution Vulnerability

Enterprise 2019-07-17 14:02:28 views: null

Vulnerability principle:
When testing any file upload vulnerability, the target server might not allow upload php file suffix. If the target server is turned on SSI and CGI support, we can upload a shtml file, and use <-! # Exec cmd = " id" -> syntax to execute arbitrary commands.

Vulnerability reproduction:
shtml contains text that contains embedded server-side commands, before being sent to the browser, the server will SHTML document fully read, analyze and modify.
Normal PHP file upload is not allowed, we can upload a file shell.shtml:
<- - # Exec cmd = "pwd"!>
Apache SSI Remote Command Execution Vulnerability
And then upload it on the line

point into the

resolution succeeds, remote command execution, pwd command can easily change .

Guess you like

Origin blog.51cto.com/14259144/2420909

Apache SSI Remote Command Execution Vulnerability

Apache SSI Remote Command Execution Vulnerability

Command Execution Vulnerability - Remote Command Execution

Apache Solr remote command execution vulnerability CVE-2019-0193 vulnerability recurrence

[High risk] Apache Cassandra has an unauthorized vulnerability that leads to remote command execution

Fastjson 1.2.47 remote command execution vulnerability

Remote code/command execution vulnerability learning (1)

Remote Command Execution and Deserialization——Recovery of Struts Framework Command Execution Vulnerability

Apache struts2 namespace remote command execution _CVE-2018-11776 (S2-057) vulnerability reproducibility

Apache struts2 Freemarker label remote command execution _CVE-2017-12611 (S2-053) vulnerability reproducibility

[Reproduction] vulnerability Apache Solr via Velocity template remote code execution

Apache ActiveMQ Remote Code Execution Vulnerability (CVE-2016-3088)

[Medium Risk] Apache Airflow ODBC Provider Remote Code Execution Vulnerability

CVE-2023-37582 Apache RocketMQ Remote Code Execution Vulnerability

Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246)

Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-37582)

ThinkPHP 5.x remote command execution vulnerability reproduction

ThinkPHP 5.x remote command execution vulnerability analysis and reproducibility

Pikachu-RCE [remote code execution vulnerability command]

pikachu learn --RCE (remote command code execution vulnerability)

pikachu--RCE (Remote Command / Code Execution Vulnerability)

Remote command execution and deserialization-Weblogic middleware deserialization vulnerability and related

Remote Command Execution and Deserialization——Deserialization Principle Introduction and Analysis of Vulnerability

WordPress plugin Mailpress high-risk remote command execution vulnerability

CVE Vulnerability Reappearance-CVE-2016-10033-Remote Command Execution

RCE vulnerability reproduction and utilization of jumpserver remote command execution

xxl-job remote command execution vulnerability reproduction

Hikvision Integrated Security Management Platform Fastjson Remote Command Execution Vulnerability

There is a front-end remote command execution vulnerability in UFIDA NC Cloud

Vulfocus recurrence: Spring Framework remote command execution vulnerability

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)