Vulnerability Information
Vulnerability Title
Hyland OnBase Timer Services Unauthenticated .NET Remoting RCE
Vulnerability Description
Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service (Hyland.Core.Workflow.NTService.exe). An attacker who can reach the service can send crafted .NET Remoting requests to default HTTP channel endpoints on TCP/8900 (e.g., TimerServiceAPI.rem and TimerServiceEvents.rem for Workflow) to trigger unsafe object unmarshalling, enabling arbitrary file read/write. By writing attacker-controlled content into web-accessible locations or chaining with other OnBase features, this can lead to remote code execution. The same primitive can be abused by supplying a UNC path to coerce outbound NTLM authentication (SMB coercion) to an attacker-controlled host.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
Deserialization of Untrusted Data
Vulnerability Title
Hyland Software Hyland OnBase Security Vulnerability
Vulnerability Description
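Hyland Software Hyland OnBase is a platform from the US company Hyland Software for presenting enterprise information management and processes. Hyland Software Hyland OnBase contains a security vulnerability that stems from an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service. Crafted .NET Remoting requests can trigger unsafe object deserialization, enabling arbitrary file read/write and, in turn, remote code execution.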
CVSS Information
N/A
Vulnerability Type
N/A