CVE-2021-41560 PoC — OpenCats Code Issue Vulnerability

Source
Associated Vulnerability
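Title: OpenCats Code Issue Vulnerability (CVE-2021-41560)
Description: OpenCats is an open-source recruitment process management system. OpenCATS versions before 0.9.6 contain a security vulnerability that allows a remote attacker to execute arbitrary code by uploading an executable file via lib/FileUtility.php.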
Description
OpenCATS <= 0.9.4 RCE  (CVE-2021-41560)
Readme
# RevCAT
## OpenCATS <= 0.9.4 RCE (CVE-2021-41560)

OpenCATS <= 0.9.4 fails to properly validate file uploads, leading to remote code execution.

If your installed version is <= 0.9.4, [apply the patch](https://github.com/opencats/OpenCATS/commit/b1af3bde1f68bec1c703ad66a3e390f15ed8ebe1) as soon as possible.

## Usage

```
./RevCAT.sh <target URL>
```

_Note: `<target URL>` must point to the root path where OpenCATS is installed._

## Screenshots
  
![image](https://user-images.githubusercontent.com/3837916/141119980-85a55fca-7be8-437b-ab7d-8aa8ce4db567.png)
![image](https://user-images.githubusercontent.com/3837916/141120000-9ec84284-f295-4d21-8a63-2555b495d879.png)
File Snapshot

[4.0K] /data/pocs/41733ff2f7937150c4100032e79c61f90986a3f7
├── [ 671] README.md
└── [4.1K] RevCAT.sh

0 directories, 2 files