漏洞描述
Rocket Servergraph中存在多个命令执行漏洞。这些漏洞是由于应用程序在处理userRequest和tsmRequest的请求时,对请求中的的参数验证不足导致的。
Rocket Servergraph管理中心userRequest和tsmRequest参数命令执行漏洞
PoC代码
暂无相关漏洞推荐
- Rocket LMS存在默认口令
- POC CVE-2020-28208: Rocket.Chat <3.9.1 - Information Disclosure
- POC CVE-2021-22911: Rocket.Chat <=3.13 - NoSQL Injection
- POC CVE-2024-39713: Rocket.Chat - Server-Side Request Forgery (SSRF)
- POC CVE-2023-33246: RocketMQ <= 5.1.0 - Remote Code Execution
- POC CVE-2023-33246: RocketMQ broker unauthorized
- POC CVE-2023-37582: Apache RocketMQ 远程命令执行漏洞
- POC rocketlms-default-login: Rocket LMS - Default Login
- POC rocketchat-unauth-access: RocketChat Live Chat - Unauthenticated Read Access
- POC CVE-2023-37582: Apache RocketMQ - Remote Command Execution
- POC apache-rocketmq-broker-unauth: Apache Rocketmq Broker - Unauthenticated Access
- RocketMQ / 未授权访问漏洞
- Apache RocketMQ CVE-2023-33246 远程代码执行漏洞