CVE-2023-34105 PoC — SRS 命令注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-34105.yaml

Associated Vulnerability

Title:SRS 命令注入漏洞 (CVE-2023-34105)
Description:SRS是SRS开源的一款简单、高效、实时的视频服务器。 SRS存在命令注入漏洞，该漏洞源于api-server服务器存在命令注入漏洞。

Description

SRS's v5.0.137~v5.0.156, v6.0.18~v6.0.47 api-server server is vulnerable to a drive-by command injection.

File Snapshot


 id: CVE-2023-34105

info:
  name: SRS - Command Injection
  author: iamnoooob,rootxharsh,pdresearch


...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.