漏洞描述
用友NC是一款企业级ERP软件。用友NC存在远程命令执行漏洞,攻击者利用该漏洞可在未授权的情况实现远程命令执行
yonyouNC 任意命令执行
PoC代码
暂无相关漏洞推荐
- POCyonyou-nc-accept-upload: YonYou NC Accept Upload
- POCyonyou-nc-cloud-getStaffInfo-sqli: Yonyou NC-Cloud getStaffInfo SQL Injection
- POCyonyou-nc-cloud-uapjs-rce: 用友 Yonyou NC uapjs RCE
- POCyonyou-nc-portalsesInittoolservice-disclosure: 用友 portalsesInittoolservice 泄露数据库账号密码
- POCyonyou-nc-savexmltofileservlet-fileupload: YONYOU NC saveXmlToFIleServlet接口文件上传
- POCyonyou-filereceiveservlet-fileupload: Yonyou NC FileReceiveServlet - Aribitrary File Upload
- POCyonyou-nc-accept-fileupload: YonYou NC Accept Upload - Arbitray File Upload
- POCyonyou-nc-baseapp-deserialization: Yonyou NC BaseApp UploadServlet - Deserialization Detect
- POCyonyou-nc-grouptemplet-fileupload: UFIDA NC Grouptemplet Interface - Unauthenticated File Upload
- POCyonyou-nc-ncmessageservlet-rce: UFIDA NC NCMessageServlet - Deserialization RCE Detection