CVE-2021-42171 PoC — Zenario CMS 代码问题漏洞

Source

https://github.com/minhnq22/CVE-2021-42171

Associated Vulnerability

Title:Zenario CMS 代码问题漏洞 (CVE-2021-42171)
Description:Zenario CMS是Zenario开源的一个应用软件。提供一个基于Web的内容管理系统。 Zenario CMS 9.0.54156版本存在安全漏洞，该漏洞源于Zenario CMS 9.0.54156版本容易受到文件上传的影响。Web服务器通过上传和执行一个可以运行的命令、浏览系统文件、浏览本地资源、攻击其他服务器和利用本地漏洞等的web-shell来入侵。

Description

File upload to Remote Code Execution on Zenario CMS 9.0.54156

Readme

CVE-2021-42171

File upload to Remote Code Execution on Zenario CMS 9.0.54156

https://minhnq22.medium.com/file-upload-to-rce-on-zenario-9-0-54156-cms-fa05fcc6cf74

```
Server test
Distributor ID: Ubuntu
Description:    Ubuntu 21.04
Release:        21.04
Codename:       hirsute
```
![](PoC.png)

File Snapshot


 [4.0K]  /data/pocs/69dad87ce5b83c0c6297c7b5a02c73f2517e05da
├── [ 23K]  exploit.py
├── [ 41K]  PoC.png
└── [ 296]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!