漏洞描述
在致远OA中使用存在安全问题的Log4j 组件,导致攻击者可以执行任意命令。
致远OA Log4j 组件存在远程命令执行漏洞
PoC代码
暂无相关漏洞推荐
- 致远互联 致远OA personalBind 任意用户密码修改漏洞
- 致远OA rest接口 前台密码重置漏洞
- POC CVE-2021-45046-DAST: Apache Log4j2 - Remote Code Injection
- POC CVE-2021-44228: Apache Log4j2 Remote Code Injection
- POC CVE-2021-45046: Apache Log4j2 - Remote Code Injection
- POC CVE-2017-5645: Apache Log4j Server - Deserialization Command Execution
- POC CNVD-2019-19299: 致远OA A8 htmlofficeservlet Remote Code Execution
- POC CNVD-2020-62422: 致远oa系统存在任意文件读取漏洞
- POC CVE-2021-44228: Apache Log4j2 Remote Code Injection
- POC apache-ofbiz-log4j-rce-temp: Apache OFBiz Log4j JNDI RCE
- POC apache-ofbiz-log4j-rce: Apache OFBiz Log4j JNDI RCE
- POC cisco-cloudcenter-suite-log4j-rce: Cisco CloudCenter Suite (Log4j) - Remote Code Execution
- POC seeyon-a6-config-disclosure: 致远OA A6 config.jsp 敏感信息泄漏漏洞