Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-4716 PoC — IBM Planning Analytics 代码注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-4716.yaml
Associated Vulnerability
Title:IBM Planning Analytics 代码注入漏洞 (CVE-2019-4716)
Description:IBM Planning Analytics是美国国际商业机器(IBM)公司的一套业务规划分析解决方案。该方案支持自动化执行业务规划、预算和分析等流程。 IBM Planning Analytics 2.0.0版本至2.0.8版本中存在代码注入漏洞。攻击者可利用该漏洞覆盖配置,以管理员身份进行登录,进而以root或SYSTEM权限执行代码。
Description
IBM Planning Analytics versions 2.0.0 through 2.0.8 are vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
File Snapshot

 id: CVE-2019-4716

info:
  name: IBM Planning Analytics - Authentication Bypass & Remote Code Execut

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.