CVE-2021-41081 PoC — Zoho Corporation Zoho ManageEngine Network Configuration Manager SQL注入漏洞

Source

https://github.com/sudaiv/CVE-2021-41081

Associated Vulnerability

Title:Zoho Corporation Zoho ManageEngine Network Configuration Manager SQL注入漏洞 (CVE-2021-41081)
Description:Zoho Corporation Zoho ManageEngine Network Configuration Manager是美国Zoho Corporation公司的一种多供应商网络变更、配置和合规性管理 (Nccm) 解决方案。用于自动化并全面控制设备配置管理的整个生命周期。 Zoho ManageEngine Network Configuration Manager 存在SQL注入漏洞，该漏洞源于软件中的配置搜索缺少对于用户SQL数据的过滤和转义。

Description

N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)

Readme

# CVE-2021-41081
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)

For technical details visit the blog post [Technical Analysis of CVE-2021-41081](https://sudaiv.net/post/vulnresearch/)
---

Best Regards,
</br>
Sudu

File Snapshot


 [4.0K]  /data/pocs/6d15d30d4e301542cddb217ef13cf16740e99631
├── [212K]  db.png
├── [373K]  exploit.png
├── [369K]  intelliJdebug.png
├── [ 248]  README.md
├── [288K]  snort.png
├── [465K]  sourceDiff1.png
└── [387K]  sourceDiff.png

0 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!