CVE-2020-24186 PoC — WordPress 代码问题漏洞

Source

https://github.com/hev0x/CVE-2020-24186-WordPress-wpDiscuz-7.0.4-RCE

Associated Vulnerability

Title:WordPress 代码问题漏洞 (CVE-2020-24186)
Description:WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress wpDiscuz 7.0.4之前版本中存在远程代码执行漏洞，该漏洞允许攻击者上传任意文件。.

Description

wpDiscuz 7.0.4 Remote Code Execution

Readme

# POC CVE-2020-24186-wpDiscuz-7.0.4-RCE

WordPress wpDiscuz 7.0.4 Remote Code Execution

- A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.

### Exploit Usage

#### Commands:
- Windows/Linux:
`$ sudo python3 wpDiscuz_RemoteCodeExec.py -u <Base_Host> -p <BlogPost_URL> `

![](https://github.com/hevox/CVE-2020-24186-wpDiscuz-7.0.4-RCE/blob/main/imgs/wordpressdiscuz.png.png)

- References:

  https://www.exploit-db.com/exploits/49967
  
  https://packetstormsecurity.com/files/163012/WordPress-wpDiscuz-7.0.4-Remote-Code-Execution.html

  https://nvd.nist.gov/vuln/detail/CVE-2020-24186
  
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24186

File Snapshot


 [4.0K]  /data/pocs/081f9d9d3f36096fec004b087b0f8fbdc52807a5
├── [4.0K]  imgs
│   └── [ 86K]  wordpressdiscuz.png.png
├── [ 835]  README.md
└── [5.5K]  wpDiscuz_RemoteCodeExec.py

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!