Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-42237 PoC — Sitecore 代码问题漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-42237.yaml
Associated Vulnerability
Title:Sitecore 代码问题漏洞 (CVE-2021-42237)
Description:Sitecore是丹麦Sitecore公司的一套在线营销内容管理系统(CMS)。该系统支持内容编辑、多种语言、多网站部署、数字资产管理等。 Sitecore XP 存在安全漏洞,该漏洞源于Sitecore XP 7.5到Sitecore XP 8.2 容易受到不安全的反序列化攻击。攻击者可利用该漏洞在机器上实现远程命令执行。
Description
Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration required.
File Snapshot

 id: CVE-2021-42237

info:
  name: Sitecore Experience Platform Pre-Auth RCE
  author: pdteam
  sever

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.