漏洞描述
Ack是一套文本搜索工具,类似于Linux中的grep命令,采用Perl语言编写,能够使用Perl正则表达式搜索文本,并把匹配的行打印出来。 ack 2.00至2.11_02版本中存在代码执行漏洞,该漏洞源于当程序处理包含( 1)--pager,(2)--regex或(3)--output选项的‘.ackrc’文件时存在错误。远程攻击者可利用该漏洞执行任意代码。
Ack 远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC wp-all-in-one-seo-pack-fpd: WordPress All in One SEO Pack - Full Path Disclosure
- POC wp-jetpack-fpd: JetPack - Full Path Disclosure
- POC wp-jetpack-ssrf: Wordpress Jetpack plugin - Server Side Request Forgery
- POC CVE-2023-6266: WordPress Backup Migration <= 1.3.6 - Path Traversal
- POC CVE-2023-7164: WordPress BackWPup < 4.0.4 - Backup File Disclosure
- POC CVE-2025-14611: Gladinet CentreStack & Triofox - Hardcoded Credentials
- POC jetpack-stored-xss: Jetpack < 6.5 - Stored Cross-Site Scripting
- POC wp-all-in-one-seo-pack-fpd: WordPress All in One SEO Pack - Full Path Disclosure
- POC wp-jetpack-fpd: JetPack - Full Path Disclosure
- (CVE-2023-53891)Blackcat CMS 1.4存储型跨站脚本漏洞
- (CVE-2023-53892)Blackcat CMS 1.4远程代码执行漏洞
- POC x-backend-server-header-detect: X-Backend-Server Header - Exposure
- (CVE-2025-14611)Gladinet CentreStack和Triofox AES加密硬编码漏洞导致任意文件包含及安全降级