Oneblog Shiro Default Key Remote Command Execution Vulnerability
Oneblog Shiro Default Key Remote Command Execution Vulnerability
OneBlog Shiro default key Remote command execution vulnerability
Vulnerability Description
OneBlog is less than v2.2.1 Remote command execution vulnerability due to the use of Apache Shiro with vulnerability and the default key
Vulnerability Impact
OneBlog <= v2.2.1
Network surveying and mapping
Vulnerability reappears
The login page is as follows
Use the tool to directly exploit the Apache Shiro vulnerability
This post is licensed under CC BY 4.0 by the author.