springblade-detect: SpringBlade framework

Date: 2025-09-01 | Affected software: springblade | POC: public

Vulnerability description

SpringBlade is a comprehensive project, evolved from a commercial-grade codebase, that combines a SpringCloud distributed microservice architecture with a SpringBoot monolithic microservice architecture. SpringBlade ships with a default SIGN_KEY (signing key); an attacker who knows it can obtain sensitive information such as user accounts, passwords and logs. Note that the template below is a fingerprint only (severity `info`, tag `detect`): it recognises the SpringBlade front ends (Saber, Sword, avue-data) by page markers and does not test whether the default SIGN_KEY is still in use, so a hit means "SpringBlade is present", not "confirmed vulnerable".

Fofa: body="saber/iconfont.css" || body="Saber 将不能正常工作" || title="Sword Admin" || body="We're sorry but avue-data doesn't work"

PoC code [public]

id: springblade-detect

info:
  name: SpringBlade framework
  author: zan8in
  severity: info
  verified: true
  description: |-
    SpringBlade is a comprehensive project, evolved from a commercial-grade codebase, that combines a SpringCloud distributed microservice architecture with a SpringBoot monolithic microservice architecture. SpringBlade ships with a default SIGN_KEY; an attacker who knows it can obtain sensitive information such as user accounts, passwords and logs.
    Fofa: body="saber/iconfont.css" || body="Saber 将不能正常工作"||title="Sword Admin"||body="We're sorry but avue-data doesn't work"
  tags: springblade,detect
  created: 2023/12/12

rules:
  r0:
    request:
      method: GET
      path: /#/login
      follow_redirects: true
    expression: |
      response.body.bcontains(b'saber/iconfont.css') || 
      response.body.bcontains(b'Saber 将不能正常工作') || 
      response.body.bcontains(b"We're sorry but avue-data doesn't work") || 
      response.body.ibcontains(b'<title>Sword Admin')
  r1:
    request:
      method: GET
      path: /
      follow_redirects: true
    expression: |
      response.body.bcontains(b'saber/iconfont.css') || 
      response.body.bcontains(b'Saber 将不能正常工作') || 
      response.body.bcontains(b"We're sorry but avue-data doesn't work") || 
      response.body.ibcontains(b'<title>Sword Admin')
expression: r0() || r1()
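The same two rules, re-implemented as a stand-alone Python script so the matching logic can be read and tested without the scanner. This is an added example, not code from the template author or from the SpringBlade project: the byte markers are copied from the r0/r1 expression above, the sample responses are constructed (not captured from a real host), and the `http_fetch` helper, its User-Agent and timeout are assumptions for live use. One practical caveat the script makes explicit: urllib, like a browser, drops the `#/login` fragment before sending, so r0 and r1 both end up requesting `/` over the wire.

```python
"""Re-implementation of the springblade-detect rules (added example)."""
import http.client
import sys
import urllib.error
import urllib.request
from typing import Callable, Optional, Sequence

# Byte markers copied from the template's r0/r1 expression.
# The Chinese marker is kept verbatim because it is matched as raw bytes.
MARKERS = (
    b"saber/iconfont.css",
    "Saber 将不能正常工作".encode("utf-8"),
    b"We're sorry but avue-data doesn't work",
)
# response.body.ibcontains(b'<title>Sword Admin') -> case-insensitive match.
TITLE_MARKER = b"<title>sword admin"

# Paths probed by r0 and r1, in that order.
PATHS: Sequence[str] = ("/#/login", "/")


def body_matches(body: bytes) -> bool:
    """Equivalent of the template expression: any marker present, or the
    Sword Admin title present in any letter case."""
    if any(marker in body for marker in MARKERS):
        return True
    return TITLE_MARKER in body.lower()


def detect(fetch: Callable[[str], Optional[bytes]],
           paths: Sequence[str] = PATHS) -> Optional[str]:
    """Run the rules in order (r0() || r1()): return the first path whose
    response body matches, or None. `fetch` returns the body bytes for a
    path, or None if the request failed."""
    for path in paths:
        body = fetch(path)
        if body is not None and body_matches(body):
            return path
    return None


def http_fetch(base_url: str, timeout: float = 10.0) -> Callable[[str], Optional[bytes]]:
    """Build a fetch callable for a live target (assumed reachable; not used
    by the offline sample below). urllib follows redirects by default and
    strips the '#/login' fragment before sending, so r0 and r1 both request
    '/'. HTTP error statuses still return their body, because the template
    checks the body regardless of status code."""
    def fetch(path: str) -> Optional[bytes]:
        req = urllib.request.Request(base_url.rstrip("/") + path,
                                     headers={"User-Agent": "Mozilla/5.0"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                return resp.read()
        except urllib.error.HTTPError as err:      # 4xx/5xx: body still useful
            return err.read()
        except (urllib.error.URLError, OSError, ValueError,
                http.client.HTTPException):
            return None
    return fetch


# Constructed sample responses (not captured from a real host): the login
# route serves nothing recognisable, the root serves the Sword front end.
SAMPLE_RESPONSES = {
    "/#/login": b"<html><head><title>Login</title></head><body>ok</body></html>",
    "/": b"<HTML><HEAD><TITLE>Sword Admin</TITLE></HEAD><body>...</body></HTML>",
}
NEGATIVE_RESPONSES = {
    "/#/login": b"<html><title>Some other app</title></html>",
    "/": b"<html><title>Home</title></html>",
}


def run_offline_sample() -> tuple:
    """Run the detector against the constructed responses."""
    return (detect(SAMPLE_RESPONSES.get), detect(NEGATIVE_RESPONSES.get))


if __name__ == "__main__":
    if len(sys.argv) > 1:
        hit = detect(http_fetch(sys.argv[1]))
        print(f"{sys.argv[1]}: "
              f"{'SpringBlade detected via ' + hit if hit else 'no match'}")
    else:
        print(run_offline_sample())
```

Run it with a base URL (`python detect.py https://target.example`) to probe a host, or with no arguments to exercise the constructed responses. Because the markers are front-end strings, a match only tells you the Saber/Sword/avue-data UI is served; checking the SIGN_KEY itself is a separate step that this fingerprint does not perform.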
