st2命令执行漏洞大礼包各大企业

编号37016
Urlhttp://www.wooyun.org/bug.php?action=view&id=37016
漏洞状态已交由第三方合作机构(cncert国家互联网应急中心)处理
漏洞标题st2命令执行漏洞大礼包各大企业
漏洞类型命令执行
厂商
白帽子Restriedarea
提交日期2013-09-16 10:12:00
公开日期2013-10-31 10:12:00
修复时间(not set)
确认时间2013-09-20 00:00:00
Confirm Spend4
漏洞标签
关注数0
收藏数0
白帽评级
白帽自评rank20
厂商评级
厂商评rank18
漏洞简介
st2大礼包  各大企业
漏洞细节

Target: http://b2b-hk.ce-air.com/MUB2B/login.do
Whoami: b2bapp-2\administrator
WebPath: D:\tomcat5.5\runtime\hk\webapps\MUB2B\
Target: http://www.ad4app.cn/forgetPassword.do
Whoami: root
WebPath: /home/adProjects/adPlatform
Target: http://www.dyzs189.com/bnet/user-login!password.do
Whoami: win-ecthlj11rv4\administrator
WebPath: D:\jboss-4.2.2.GA-DYZS\server\default\.\deploy\GAP.war\
Target: http://www.carpad.com.cn/Portal/web/customer/password.action
Whoami: root
WebPath: /var/lib/tomcat8080/webapps/Portal/
Target: http://www.appeasou.com/user!userLogin.action
Whoami: appunion
WebPath: /data/resin-app-union/appunion/

POC

Target: http://b2b-hk.ce-air.com/MUB2B/login.do
Whoami: b2bapp-2\administrator
WebPath: D:\tomcat5.5\runtime\hk\webapps\MUB2B\
Target: http://www.ad4app.cn/forgetPassword.do
Whoami: root
WebPath: /home/adProjects/adPlatform
Target: http://www.dyzs189.com/bnet/user-login!password.do
Whoami: win-ecthlj11rv4\administrator
WebPath: D:\jboss-4.2.2.GA-DYZS\server\default\.\deploy\GAP.war\
Target: http://www.carpad.com.cn/Portal/web/customer/password.action
Whoami: root
WebPath: /var/lib/tomcat8080/webapps/Portal/
Target: http://www.appeasou.com/user!userLogin.action
Whoami: appunion
WebPath: /data/resin-app-union/appunion/

修复方案

升级
求礼物啊

状态信息 2013-09-16: 细节已通知厂商并且等待厂商处理中
2013-09-20: 厂商已经确认,细节仅向厂商公开
2013-09-30: 细节向核心白帽子及相关领域专家公开
2013-10-10: 细节向普通白帽子公开
2013-10-20: 细节向实习白帽子公开
2013-10-31: 细节向公众公开
厂商回复
回应信息危害等级:高漏洞Rank:18 确认时间:2013-09-20 23:57