关联漏洞
标题:Apache OFBiz 代码注入漏洞 (CVE-2022-25813)Description:Apache OFBiz是美国阿帕奇(Apache)基金会的一套企业资源计划(ERP)系统。该系统提供了一整套基于Java的Web应用程序组件和工具。 Apache OFBiz 18.12.05及之前版本存在安全漏洞,攻击者利用该漏洞可以在“Contact us”页面“Subject”字段中插入恶意内容,然后可以进行 RCE。
Description
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
介绍
# CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
By inserting malicious content in a message’s “Subject” field, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and obtain RCE (Remote Code Execution).
<strong>Note:</strong> Although this vulnerability requires a valid user’s interaction to trigger the SSTI, the malicious payload can be sent by any unauthenticated attacker that creates an e-commerce account.
### Vendor Disclosure:
The vendor's disclosure and fix for this vulnerability can be found [here](https://lists.apache.org/thread/h9k33c7x69jzwczdvdj15xdqp3y5jw20).
### Requirements:
This vulnerability requires:
<br/>
- Registering a new user or valid user credentials
- User interaction of a administrative user
### Proof Of Concept:
More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2022-25813/blob/main/Apache%20OfBiz%20-%20CVE-2022-25813.pdf).
### Additional Resources:
Initial vulnerability [GHSL-2020-070 and blogpost](https://securitylab.github.com/advisories/GHSL-2020-070-apache_ofbiz/) by [Alvaro "pwntester" Munoz](https://github.com/pwntester) that inspired the SSTI research and finding of this vulnerability.
文件快照
[4.0K] /data/pocs/f2e89511313f5c39dd1ea8d2a7bb9c44823b7d76
├── [2.5M] Apache OfBiz - CVE-2022-25813.pdf
└── [1.3K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。