漏洞描述
远程命令执行漏洞是指攻击者通过构造特定的请求,使得服务器端执行非预期的命令,从而可能导致未授权的数据访问、权限提升、服务中断等严重后果。这种漏洞通常由于应用程序对用户输入的验证不充分或者对外部命令调用缺乏必要的安全控制而产生。
GeoServer /topp/wfs 远程命令执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-40822: Geoserver - Server-Side Request Forgery
- POC CVE-2022-24816: GeoServer <1.2.2 - Remote Code Execution
- POC CVE-2023-25157: GeoServer OGC Filter - SQL Injection
- POC CVE-2023-43795: GeoServer WPS - Server Side Request Forgery
- POC CVE-2024-29198: GeoServer Demo Request Endpoint - Server Side Request Forgery
- POC CVE-2024-36401: GeoServer RCE in Evaluating Property Name Expressions
- POC CVE-2024-36404: GeoServer and GeoTools - Remote Code Execution
- POC CVE-2025-27505: GeoServer - Missing Authorization on REST API Index
- POC CVE-2025-30220: GeoServer WFS - XXE Processing Vulnerability
- POC CVE-2021-40822: Geoserver - Server-Side Request Forgery
- POC CVE-2022-24816: GeoServer <1.2.2 - Remote Code Execution
- POC CVE-2023-25157: GeoServer OGC Filter - SQL Injection
- POC CVE-2024-36401: GeoServer wfs 远程代码执行漏洞