CVE-2019-25065 PoC — OpenNetAdmin 操作系统命令注入漏洞

Source

https://github.com/sagisar1/CVE-2019-25065-exploit

Associated Vulnerability

Title:OpenNetAdmin 操作系统命令注入漏洞 (CVE-2019-25065)
Description:OpenNetAdmin是OpenNetAdmin社区的一个功能强大的免费 IPAM 系统。用于跟踪您的 IP 网络。 OpenNetAdmin 18.1.1 存在安全漏洞，攻击者利用该漏洞可以实现权限升级。

Description

A POC for CVE-2019-25065, os command injection in OpenNetAdmin

Readme

# CVE-2019-25065 - POC
This is a POC of CVE-2019-25065 - OS command injection in OpenNetAdmin v18.1.1
The exploit is written in bash, it supports linux environment.
was tested on kali linux 2024.4, and Ubuntu 22.04.5 LTS

dependencies: gridsite-clients debian package

File Snapshot


 [4.0K]  /data/pocs/1302f76518fe65bc0c1b07b8af337edb222d87b1
├── [2.1K]  openadmin_rce_poc.sh
└── [ 268]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!