CVE-2022-47966 PoC — 多款ZOHO ManageEngine产品安全漏洞

Source

https://github.com/Inplex-sys/CVE-2022-47966

Associated Vulnerability

Title:多款ZOHO ManageEngine产品安全漏洞 (CVE-2022-47966)
Description:ZOHO ManageEngine ADAudit Plus和ZOHO ManageEngine Access Manager Plus都是美国卓豪（ZOHO）公司的产品。ZOHO ManageEngine ADAudit Plus是用于简化审计、证明合规性和检测威胁。ZOHO ManageEngine Access Manager Plus是一种特权会话管理解决方案，用于企业集中、保护和管理特权会话的远程访问。多款ZOHO ManageEngine产品存在安全漏洞，该漏洞源于产品中使用了 Apache

Description

The manage engine mass loader for CVE-2022-47966

Readme

# CVE-2022-47966 (ManageEngine RCE 2022)

This repo is part of the ***hgrab-framework***

### Installation
Install the app on the server
```sh
user@domain:~# git clone https://github.com/Inplex-sys/CVE-2022-47966.git
user@domain:~# cd ./CVE-2022-47966/
user@domain:~# python3 main.py <list.txt> <command>
```

The list file must contain the targets servers with this format `<http-https>://<target>:<port>/<uri-(optional)>`

File Snapshot


 [4.0K]  /data/pocs/108eeba5d18e4922997e9df6cbc512bfd6ad096d
├── [5.6K]  main.py
└── [ 424]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!