Vulnerability: arbitrary command execution in the admin "add user" page (and other similar places, not just this one) #311

Closed
peter17919 opened this Issue Oct 11, 2016 · 1 comment


@peter17919
Contributor
peter17919 commented Oct 11, 2016 edited

In the admin user management "add user" page, a maliciously crafted request can execute arbitrary commands. Because jumpserver is started as root, the commands run with the highest privileges; for example, submitting the following when adding a user will shut down the jumpserver system:
username=test'%26%26reboot%26%26echo+'1&name=test&role=CU&email=test@test.com
Any other place that calls subprocess.call directly in the same way has the same problem; I won't list them one by one.

Please don't test this on the demo, or Lao Guang will get angry.
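As an added example (not jumpserver's own code and not part of the issue), here is the unsafe pattern the report describes beside a hardened form: the form field is validated against a strict username pattern and then passed to `subprocess.run` as an argv list, so a shell never parses it. The function names `is_valid_username`, `vulnerable_shell_string`, `build_useradd_argv` and `add_system_user` are hypothetical, and the `runner` parameter exists so the account creation can be dry-run without root.

```python
import re
import subprocess

# Added example, not jumpserver's code. All function names here are hypothetical.

# Allow only a conservative POSIX-style username: a letter or underscore followed
# by up to 31 letters, digits, underscores or hyphens. Shell metacharacters such
# as quotes, '&', ';' or '|' can never match this pattern.
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def is_valid_username(username: str) -> bool:
    """Return True only for usernames that are safe to pass to useradd."""
    return bool(USERNAME_RE.match(username))


def vulnerable_shell_string(username: str) -> str:
    """The unsafe pattern the issue describes: the request field is interpolated
    into a command string that would be handed to subprocess.call(..., shell=True).
    A value containing a closing quote followed by '&&' leaves the quoted
    argument and appends further commands. Returned as a string for inspection
    only; it is never executed in this example."""
    return "useradd -m -s /bin/bash '%s'" % username


def build_useradd_argv(username: str) -> list:
    """Hardened form: validate the field, then build an argv list. With a list
    and shell=False (the default for subprocess.run), the username reaches
    useradd as one argument and is never parsed by a shell."""
    if not is_valid_username(username):
        raise ValueError("invalid username: %r" % username)
    return ["useradd", "-m", "-s", "/bin/bash", username]


def add_system_user(username: str, runner=subprocess.run):
    """Create the account. `runner` is injectable so callers (and tests) can
    substitute a dry-run function instead of really invoking useradd."""
    argv = build_useradd_argv(username)
    return runner(argv, check=True)


if __name__ == "__main__":
    # Dry run: report the argv instead of calling useradd (which needs root).
    def dry_run(argv, check):
        print("would execute:", argv)
        return argv

    add_system_user("test", runner=dry_run)
    # Constructed input in the shape of the issue's payload, URL-decoded.
    crafted = "test'&&reboot&&echo '1"
    print("unsafe string would be:", vulnerable_shell_string(crafted))
    try:
        add_system_user(crafted, runner=dry_run)
    except ValueError as exc:
        print("rejected:", exc)
```

The validation step matters even with an argv list: without it, a value such as `-G wheel` would still be accepted by `useradd` as an option rather than a name, so the allow-list pattern and the list-based invocation together close both the shell-parsing and the option-injection paths.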

@ibuler
Member
ibuler commented Oct 12, 2016

Received, thanks for the report.

@ibuler ibuler added a commit that closed this issue Nov 3, 2016
@peter17919 @ibuler peter17919 + ibuler fix #311 (#313)
* Update views.py

* Update views.py

* Update views.py

* Update views.py

* Update views.py
124e26f
@ibuler ibuler closed this in 124e26f Nov 3, 2016