Fastjson 漏洞列表

共找到 3 个与 Fastjson 相关的漏洞

📅 加载漏洞趋势中...

hikvision-fastjson-rce: 海康威视综合安防管理平台 Fastjson 远程命令执行漏洞 POC

日期: 2025-09-01 | 影响软件: 海康威视综合安防管理平台Fastjson

海康威视综合安防管理平台存在Fastjson远程命令执行漏洞，该漏洞可执行系统命令，直接获取服务器权限。 Fofa: app="HIKVISION-综合安防管理平台" Fofa: icon_hash="136203464" Hunter: web.icon="753466eed2bbef2bae18b55994d1d2ae"
yunanbao-authservice-fastjson-rce: 云匣子 FastJson反序列化RCE漏洞 POC

日期: 2025-09-01 | 影响软件: yunanbao-authservice-fastjson

云匣子authService接口处使用存在漏洞 fastjson 组件，未授权的攻击者可通过fastjson 序列化漏洞对云匣子发起攻击获取服务器权限 Fofa: app="云安宝-云匣子" ZoomEye: app:"云安宝云匣子" Hunter: app.name="云安宝·云匣子"
CVE-2017-18349: Fastjson Insecure Deserialization - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: Fastjson

parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi-// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java.