用友某二级域名未授权访问导致命令执行

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: 未授权访问 ### 详细说明: JBOOS的配置的web-console未设置权限访问 导致命令执行漏洞 ### 漏洞证明: http://shenpi.yonyou.com/web-console/ [<img src="https://images.seebug.org/upload/201509/2520402819d540c8665a85d7df357b94bf9f5d87.png" alt="1PNG.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201509/2520402819d540c8665a85d7df357b94bf9f5d87.png) [<img src="https://images.seebug.org/upload/201509/25204111f9e6c5936a9e335afb3bb77c95fcedd2.png" alt="2.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201509/25204111f9e6c5936a9e335afb3bb77c95fcedd2.png)

0%
暂无可用Exp或PoC
当前有0条受影响产品信息