Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-17431 PoC — Comodo UTM Firewall Web Console 授权问题漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-17431.yaml
Associated Vulnerability
Title:Comodo UTM Firewall Web Console 授权问题漏洞 (CVE-2018-17431)
Description:Comodo UTM Firewall是美国Comodo Group公司的一款UTM防火墙。该产品包括反垃圾邮件、内容过滤、Web过滤和防病毒等功能。Web Console是其中的一个基于Web的管理控制台程序。 Comodo UTM Firewall 2.7.0之前版本中的Web Console存在安全漏洞。远程攻击者可借助特制的URL利用该漏洞未经身份验证便可执行任意代码。
Description
Comodo Firewall & Central Manager (UTM) All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability.
File Snapshot

 id: CVE-2018-17431

info:
  name: Comodo Unified Threat Management Web Console - Remote Code Executi

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.