漏洞描述
ParaDM是一套开放式架构的企业内容管理系统(eDMS),ParaDM使用了Log4j,Log4j是Apache的一个开源项目,该漏洞产生的原因在于Log4j在记录日志的过程中会对日志内容进行判断,如果内容中包含了${,则Log4j会认为此字符属于JNDI远程加载类的地址。使用了log4j来记录404报错页面或者header报错页面的应用会遭受该漏洞影响,攻击者可以构造恶意的参数值进行远程命令执行,控制服务器。
ParaDM Log4j远程命令执行
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-45046-DAST: Apache Log4j2 - Remote Code Injection
- POC CVE-2021-44228: Apache Log4j2 Remote Code Injection
- POC CVE-2021-45046: Apache Log4j2 - Remote Code Injection
- POC CVE-2017-5645: Apache Log4j Server - Deserialization Command Execution
- POC CVE-2021-44228: Apache Log4j2 Remote Code Injection
- POC apache-ofbiz-log4j-rce-temp: Apache OFBiz Log4j JNDI RCE
- POC apache-ofbiz-log4j-rce: Apache OFBiz Log4j JNDI RCE
- POC cisco-cloudcenter-suite-log4j-rce: Cisco CloudCenter Suite (Log4j) - Remote Code Execution
- POC solr-log4j-rce: Apache Solr Log4j Remote Code Execution
- POC unifi-network-log4j-rce: UniFi Network Log4j JNDI RCE
- POC vmware-vcenter-log4j-jndi-rce-temp: VMware VCenter - Remote Code Execution (Apache Log4j)
- POC vmware-vcenter-log4j-jndi-rce: VMware VCenter - Remote Code Execution (Apache Log4j)
- POC vrealize-operations-log4j-rce: VMware vRealize Operations Tenant App Log4j JNDI Remote Code Execution