vulcat-v1.2.0
2023.03.01
vulcat-v1.2.0
- 新增POC:
- Fastjson <= 1.2.62 反序列化 (暂无编号)
- Fastjson <= 1.2.66 反序列化 (暂无编号)
- GoCD Business Continuity 任意文件读取 (CVE-2021-43287)---(查看漏洞复现)
- JBoss 未授权访问 (暂无编号)---(查看漏洞复现)
- Jenkins 未授权访问 (暂无编号)---(查看漏洞复现)
- Joomla 3.7 Core com_fields组件SQL注入 (CVE-2017-8917)---(查看漏洞复现)
- Joomla 4 未授权访问 (CVE-2023-23752)---(查看漏洞复现)
- Weblogic LDAP 远程代码执行 (CVE-2021-2109)---(查看漏洞复现)
-
增加DNSLOG平台支持:http://dnslog.pw/
你可以查询文档,配置dnslog.pw平台并使用 -
其它优化
-
修复一些Bug (感谢Teicu)
- new POC:
- Fastjson <= 1.2.62 deSerialization (暂无编号)
- Fastjson <= 1.2.66 deSerialization (暂无编号)
- GoCD Business Continuity FileRead (CVE-2021-43287)---(Demo)
- JBoss unAuthorized (暂无编号)---(Demo)
- Jenkins unAuthorized (暂无编号)---(Demo)
- Joomla 3.7 Core com_fields SQLinject (CVE-2017-8917)---(Demo)
- Joomla 4 unAuthorized (CVE-2023-23752)---(Demo)
- Weblogic LDAP Remote code execution (CVE-2021-2109)---(Demo)
-
Added DNSLOG platform support:http://dnslog.pw/
You can query Documentation,Configure dnslog.pw and use -
Other optimizations
-
Fix some bugs (Thanks Teicu)