CVE-2019-14224 PoC — Alfresco Software Alfresco Community Edition Input Validation Error Vulnerability

Source
Associated Vulnerability
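Title: Alfresco Software Alfresco Community Edition Input Validation Error Vulnerability (CVE-2019-14224)
Description: Alfresco Software Alfresco Community Edition is the community edition of an open-source enterprise content management system from the US company Alfresco Software. The system includes document management, office collaboration, and other features. A security vulnerability exists in Alfresco Software Alfresco Community Edition 5.2 201707. An attacker could exploit this vulnerability to execute code on a user's device.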
Description
CVE-2019-14224: Authenticated Remote Code Execution in Alfresco Community
Readme
# CVE-2019-14224: Authenticated Remote Code Execution in Alfresco Community

By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution. The attacker must use Alfresco to:
- Upload malicious Solr configuration files to a known/discoverable location
- Create a Solr Core which will trigger a JMX connection from the victim back to the attacker
- Host a malicious RMI server that will send a malicious Java object that results in deserialization and code execution.
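
A defender-side check for the second step of this chain, as an added example that is not part of the original README: it scans HTTP access logs for Solr CoreAdmin `CREATE` requests and flags any whose `instanceDir` resolves outside the expected Solr home. The combined log format, the `/opt/solr-home` root, the function names and the sample lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import parse_qs, urlsplit

SOLR_ROOT = "/opt/solr-home"  # assumption: where legitimate core directories live

# Combined log format: client, ident, user, [time], "METHOD URI PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<uri>\S+) [^"]*" (?P<status>\d{3})')

# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Aug/2019:10:01:02 +0000] "GET /solr4/admin/cores?action=STATUS&wt=json HTTP/1.1" 200 512',
    '10.0.0.5 - - [12/Aug/2019:10:01:09 +0000] "GET /solr4/admin/cores?action=CREATE&name=archive2&instanceDir=archive2 HTTP/1.1" 200 98',
    '203.0.113.7 - - [12/Aug/2019:10:04:41 +0000] "GET /solr4/admin/cores?action=CREATE&name=tmpcore&instanceDir=%2Fsrv%2Fexample%2Fuploads%2Fx HTTP/1.1" 200 98',
]

def is_under(path, root=SOLR_ROOT):
    """True if path (relative paths resolve against root) stays inside root."""
    resolved = posixpath.normpath(posixpath.join(root, path))
    return resolved == root or resolved.startswith(root + "/")

def find_core_creations(lines, root=SOLR_ROOT):
    """Return one finding per CoreAdmin CREATE request found in the log lines."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["uri"])
        # CoreAdmin sits at <context>/admin/cores; the context name varies by install.
        if not re.fullmatch(r"/solr\d*/admin/cores", url.path):
            continue
        params = parse_qs(url.query)  # values are percent-decoded
        if params.get("action", [""])[0].upper() != "CREATE":
            continue
        instance_dir = params.get("instanceDir", [""])[0]
        findings.append({
            "client": m["ip"],
            "core": params.get("name", [""])[0],
            "instance_dir": instance_dir,
            "status": int(m["status"]),
            "outside_root": not is_under(instance_dir, root),
        })
    return findings

if __name__ == "__main__":
    for finding in find_core_creations(SAMPLE_LOG):
        print(finding)
```

Core creation is rare in normal operation, so every finding is worth reviewing; those with `outside_root` set to true deserve priority.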

### NVD Disclosure:

The disclosure for this vulnerability can be found [here](https://nvd.nist.gov/vuln/detail/CVE-2019-14224).

### Requirements:

This vulnerability requires:

- Access and valid user credentials for the Alfresco Admin Console
- Access to the Alfresco WebDAV or Alfresco Share
- Access to the Alfresco Solr interface

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2019-14224/blob/main/Alfresco%20-%20CVE-2019-14224.pdf).

### Additional Information:

Unauthenticated access to the Alfresco Solr interface may be obtained via [CVE-2019-14222: Default Certificate in Alfresco Community](https://github.com/mbadanoiu/CVE-2019-14222).
File Snapshot

[4.0K] /data/pocs/ab1150f9b893e9b3b3eb35ad6199a672a1753441
├── [1.6M] Alfresco - CVE-2019-14224.pdf
└── [1.3K] README.md

0 directories, 2 files