OneNav has directory traversal with file inclusion that can lead to Getshell #44

Closed
Le0nsec opened this issue Feb 25, 2022 · 2 comments

Comments


Le0nsec commented Feb 25, 2022

Vulnerability Introduction

Because index.php performs a file inclusion on a concatenated, unfiltered, user-controllable parameter, path traversal can be used to include PHP's native pearcmd.php, which results in writing a malicious file and getting a shell.
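
As an added illustration that is not part of the original issue or OneNav's code: the PHP sketch below shows a guard for the pattern the report describes, a request parameter concatenated into an include path. The function name, directory layout and template names are hypothetical, and the sample files are constructed for the demonstration.

```php
<?php
// Added illustration. resolve_template(), the templates/ layout and the
// template names are hypothetical, not taken from OneNav's source.

// Pattern of the kind the report describes (shape only):
//   include $baseDir . '/' . $_GET['page'] . '.php';   // "../" escapes $baseDir

/** Map a request value to a file inside $baseDir, or return null. */
function resolve_template(string $baseDir, string $name, array $allowed): ?string
{
    // 1. Allow-list: the request value selects a known name and never
    //    becomes part of the path unless it matches exactly.
    if (!in_array($name, $allowed, true)) {
        return null;
    }
    // 2. Defence in depth: canonicalise and confirm the result is still
    //    under the base directory (covers symlinks and a stale allow-list).
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name . '.php');
    if ($base === false || $path === false) {
        return null; // base or target does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed sample layout: one template inside the base, one file outside.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'incl_demo_' . bin2hex(random_bytes(4));
mkdir($root . '/templates', 0700, true);
file_put_contents($root . '/templates/home.php', "<?php echo 'home';");
file_put_contents($root . '/outside.php', "<?php echo 'outside';");

// Constructed request values: one valid, two traversal attempts, and one
// allow-listed name whose file is missing.
foreach (['home', '../outside', 'home/../../outside', 'admin'] as $input) {
    $file = resolve_template($root . '/templates', $input, ['home', 'admin']);
    printf("%-20s => %s\n", $input, $file === null ? 'rejected' : 'include ' . basename($file));
}

// Remove the sample files.
unlink($root . '/templates/home.php');
unlink($root . '/outside.php');
rmdir($root . '/templates');
rmdir($root);
```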

Owner

helloxz commented Feb 25, 2022

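This vulnerability is high-risk, so I edited the vulnerability details you submitted; I hope you understand. Thank you for your feedback. The vulnerability has now been fixed in 0.9.15.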

helloxz closed this as completed Feb 25, 2022
Author

Le0nsec commented Mar 12, 2022

I applied for a CVE with the number CVE-2022-26276.
