POC详情: 04f705010920aeab8bab6ab70022f5c37c96ddfd

来源
https://github.com/JinParkmida/cve-2023-28771-demo
关联漏洞
标题: Zyxel ZyWALL USG 操作系统命令注入漏洞 (CVE-2023-28771)
描述:Zyxel ZyWALL USG是中国合勤(Zyxel)公司的一款网络安全防火墙设备。 Zyxel ZyWALL USG 4.60版本至5.35版本存在操作系统命令注入漏洞,该漏洞源于错误消息处理不当。攻击者利用该漏洞通过向受影响的设备发送特制数据包来远程执行某些操作系统命令。
介绍
# React + TypeScript + Vite

This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.

Currently, two official plugins are available:

- [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react) uses [Babel](https://babeljs.io/) for Fast Refresh
- [@vitejs/plugin-react-swc](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react-swc) uses [SWC](https://swc.rs/) for Fast Refresh

## Expanding the ESLint configuration

If you are developing a production application, we recommend updating the configuration to enable type-aware lint rules:

```js
export default tseslint.config([
  globalIgnores(['dist']),
  {
    files: ['**/*.{ts,tsx}'],
    extends: [
      // Other configs...

      // Remove tseslint.configs.recommended and replace with this
      ...tseslint.configs.recommendedTypeChecked,
      // Alternatively, use this for stricter rules
      ...tseslint.configs.strictTypeChecked,
      // Optionally, add this for stylistic rules
      ...tseslint.configs.stylisticTypeChecked,

      // Other configs...
    ],
    languageOptions: {
      parserOptions: {
        project: ['./tsconfig.node.json', './tsconfig.app.json'],
        tsconfigRootDir: import.meta.dirname,
      },
      // other options...
    },
  },
])
```

You can also install [eslint-plugin-react-x](https://github.com/Rel1cx/eslint-react/tree/main/packages/plugins/eslint-plugin-react-x) and [eslint-plugin-react-dom](https://github.com/Rel1cx/eslint-react/tree/main/packages/plugins/eslint-plugin-react-dom) for React-specific lint rules:

```js
// eslint.config.js
import reactX from 'eslint-plugin-react-x'
import reactDom from 'eslint-plugin-react-dom'

export default tseslint.config([
  globalIgnores(['dist']),
  {
    files: ['**/*.{ts,tsx}'],
    extends: [
      // Other configs...
      // Enable lint rules for React
      reactX.configs['recommended-typescript'],
      // Enable lint rules for React DOM
      reactDom.configs.recommended,
    ],
    languageOptions: {
      parserOptions: {
        project: ['./tsconfig.node.json', './tsconfig.app.json'],
        tsconfigRootDir: import.meta.dirname,
      },
      // other options...
    },
  },
])
```
文件快照

 [4.0K]  /data/pocs/04f705010920aeab8bab6ab70022f5c37c96ddfd
├── [ 39K]  cve-2023-28771-demo.tsx
├── [ 610]  eslint.config.js
├── [ 366]  index.html
├── [  55]  netlify.toml
├── [ 721]  package.json
├── [114K]  package-lock.json
├── [4.0K]  public
│   └── [1.5K]  vite.svg
├── [2.2K]  README.md
├── [4.0K]  src
│   ├── [ 606]  App.css
│   ├── [ 11K]  App.tsx
│   ├── [4.0K]  assets
│   │   └── [4.0K]  react.svg
│   ├── [1.1K]  index.css
│   ├── [ 230]  main.tsx
│   └── [  38]  vite-env.d.ts
├── [ 557]  tsconfig.app.json
├── [ 119]  tsconfig.json
├── [ 630]  tsconfig.node.json
└── [ 161]  vite.config.ts

3 directories, 18 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。