CVE-2016-4977 PoC — Pivotal Spring Security OAuth 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2016/CVE-2016-4977.yaml

Associated Vulnerability

Title:Pivotal Spring Security OAuth 安全漏洞 (CVE-2016-4977)
Description:Pivotal Spring Security OAuth是美国Pivotal Software公司的一个项目，该项目为Spring Web应用程序添加OAuth1和OAuth2功能提供支持。 Pivotal Spring Security OAuth 2.0.0版本至2.0.9版本和1.0.0版本至1.0.5版本中存在安全漏洞。远程攻击者可通过为‘response_type’参数制作值利用该漏洞执行代码。

Description

Spring Security OAuth versions 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5 contain a remote command execution vulnerability. When processing authorization requests using the whitelabel views, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote command execution via the crafting of the value for response_type.

File Snapshot


 id: CVE-2016-4977

info:
  name: Spring Security OAuth2 Remote Command Execution
  author: princecha

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!