漏洞描述
<span style="color: rgb(0, 0, 0);">通过MonitorServlet反序列化命令执行漏洞,可以远程执行命令,窃取服务器信息。</span>
关于NC及NC Cloud系统的MonitorServlet反序列化漏洞的安全通告
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-13486: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution
- POC gcs-bucket-listing: Google Cloud Storage - Public Bucket Listing
- POC wordfence-config-disclosure: WordPress Wordfence - Configuration File Disclosure
- POC wordfence-rules-disclosure: WordPress Wordfence - Rules File Disclosure
- POC wordfence-waf-logs-disclosure: WordPress Wordfence - WAF Logs and Data Disclosure
- POC wp-maintenance-mode-fpd: WordPress WP Maintenance Mode - Full Path Disclosure
- POC wp-wordfence-fpd: Wordfence - Full Path Disclosure
- POC wp-easy-fancybox-fpd: Easy FancyBox - Full Path Disclosure
- SohuTV CacheCloud 跨站脚本漏洞 (CVE-2025-15221)
- 微力同步-VeriSync resources 任意文件读取漏洞
- CacheCloud 代码注入漏洞
- GreenCMS 路径遍历漏洞
- POC JD Cloud BE6500 命令注入漏洞