红队最爱50个高危漏洞,马了赶紧修
2023-8-7 21:31:39 Author: govuln.com(查看原文) 阅读量:175 收藏

盼望着,盼望着,演练来了,红队的脚步近了。


强烈建议各家蓝队负责人,自查以下50+高危漏洞的资产信息,并赶在正式开打前完成针对性处置动作。

这50多个漏洞是微步漏洞团队根据漏洞的危害、利用难易程度、影响面、实网攻击行为情况等诸多维度,从海量漏洞情报中提取出了近一年来被攻击方频繁利用、且危害较高的漏洞。

文中所提到的所有漏洞:
  • 影响范围、处置方案、漏洞利用画像等可使用相关链接查阅;
  • 微步在线威胁感知平台TDP、安全情报网关OneSIG均支持检测;
  • 微步漏洞情报订阅服务可提供专业的深度分析报告(含漏洞复现、漏洞成因分析、自查方案、攻击排查方法、临时缓解措施等),请扫描下方二维码或拨打400-030-1051,联系我们的客服人员。

漏洞列表

01

 Smartbi 权限绕过漏洞(XVE-2023-23574)

https://x.threatbook.com/v5/article?threatInfoID=52904

02

CVE-2023-38646 Metabase 远程代码执行漏洞(XVE-2023-22638)

https://x.threatbook.com/v5/article?threatInfoID=52382

03

CVE-2023-37582 Apache RocketMQ 远程命令执行漏洞(XVE-2023-21371)

https://x.threatbook.com/v5/article?threatInfoID=50495

04

Smartbi 登录代码逻辑漏洞(XVE-2023-21031)

https://x.threatbook.com/v5/article?threatInfoID=49305

05

Smartbi 身份认证绕过漏洞(XVE-2023-19289)

https://x.threatbook.com/v5/article?threatInfoID=47983

06

明源云ERP任意文件上传(XVE-2022-27795)

https://x.threatbook.com/v5/vul/7acfb69e9175c37f55fea96fce1b38e23c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

07

畅捷通T+前台远程命令执行漏洞(XVE-2023-3377)

https://x.threatbook.com/v5/article?threatInfoID=47154

08

CVE-2023-33246 Apache RocketMQ 远程命令执行漏洞(XVE-2023-16181)

https://x.threatbook.com/v5/article?threatInfoID=46723

09

大华智慧园区综合管理平台代码执行漏洞(XVE-2022-25261)

https://x.threatbook.com/v5/article?threatInfoID=46450

10

用友NC反序列化远程代码执行漏洞(XVE-2022-23651)

https://x.threatbook.com/v5/vul/4b56e401bb3c28a8005dc66aef67023f3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

11

CVE-2023-21931 Weblogic JNDI注入远程代码执行漏洞(XVE-2023-2153)
https://x.threatbook.com/v5/vul/a9bf902cd4fef2dd4e5604f3144b66b3b81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul


12

瑞友天翼应用虚拟化系统远程代码执行漏洞(XVE-2023-2584)
https://x.threatbook.com/v5/vul/9054d161e30982203ce8e959ec24cd8bb81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

13

CVE-2023-23638 Apache Dubbo 反序列化远程代码执行漏洞(XVE-2023-4535)
https://x.threatbook.com/v5/vul/96d1788493033164d5e1f29930664bc0b81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

14

Smartbi远程命令执行漏洞(XVE-2022-29241)

https://x.threatbook.com/v5/vul/f45dd616ce1e26ee2e2a70968a5e43673c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

15

泛微 e-cology9 存在任意用户登录漏洞(XVE-2023-8647)

https://x.threatbook.com/v5/vul/1c5f5957cb6e20421edcf2e86584f10eb81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

16

Nacos集群Raft反序列化漏洞(XVE-2023-17663)

https://x.threatbook.com/v5/vul/00b9f17fe35184aa0ee429edb5110d4c3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

17

Apache Druid远程代码执行漏洞 (XVE-2023-7225)

https://x.threatbook.com/v5/vul/08602ad0f26671cec72c29c18246a52fb81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

18

泛微 E-Cology SQL注入漏洞(XVE-2023-21310)

https://x.threatbook.com/v5/article?threatInfoID=49948

19

CVE-2023-25194 Apache Kafka Connect JNDI注入漏洞 (XVE-2023-3492)

https://x.threatbook.com/v5/article?threatInfoID=42400

20

CVE-2023-21839 Weblogic ForeignOpaqueReference远程代码执行漏洞(XVE-2023-2072)
https://x.threatbook.com/v5/vul/616f49faa71898c600960f5f8631f433b81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

21

泛微OA Ecology9 SQL注入漏洞(XVE-2022-28360)

https://x.threatbook.com/v5/vul/92991b44885782387e10abf60b383cfb3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

22

禅道项目管理系统命令执行漏洞(XVE-2022-30144)

https://x.threatbook.com/v5/vul/797cda33247c2f8216f8aac06df9fb0a3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

23

ThinkPHP开发框架命令执行漏洞(XVE-2022-22661)

https://x.threatbook.com/v5/vul/881ccb236a30db81de3645fb1b978f1c3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

24

畅捷通T+远程代码执行漏洞(XVE-2022-20231)

https://x.threatbook.com/v5/vul/60fdd2ed4f7094c588d146a8b435fe0b3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

25

CVE-2022-36804 Atlassian Bitbucket Server命令注入漏洞(XVE-2022-17838 )

https://x.threatbook.com/v5/vul/8ad441da002766b2a99eaeada166856b3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

26

CNVD-2022-77758 YAPI代码执行漏洞(XVE-2022-28326)

https://x.threatbook.com/v5/vul/a3133d3f7d0c62d2f30678d7d37fbe7f3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

27

CNVD-2022-88038 Smartbi智能BI软件命令执行漏洞(XVE-2022-28397)

https://x.threatbook.com/v5/vul/306bc96192e57935bea19f25b537451b3c6ffecfe0d0faa09f5f16adcd7c4c767d2bdf5cad841fe296a53850b71f0a4c?source=vul

28

CVE-2022-26134 Confluence webwork OGNL 远程命令执行漏洞(XVE-2022-4991)
https://x.threatbook.com/v5/vul/f07acc24b924f8901d703f69f38812ceb81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

29

CVE-2022-22980 Spring Data MongoDB SpEL 表达式注入漏洞(XVE-2022-0718)
https://x.threatbook.com/v5/vul/2771c9fbdc1ae2d1ef6f1147aab349bfb81ec2b4414ed2ad342c267eff6b57cc0dcf9a8e6e01caee96e02fe0983beb4d?source=vul

30

用友 NC Cloud远程代码执行漏洞(XVE-2023-22488)

https://x.threatbook.com/v5/vul/431fb132c6d041ddb2e00b7bfe61f8d0ce7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

31

nginxWebUI 远程命令执行漏洞(XVE-2023-2934)

https://x.threatbook.com/v5/vul/eb607cb537741b32393c57eb1ae7b8a7bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

32

CVE-2023-32315 Openfire控制台权限绕过漏洞(XVE-2023-13418)
https://x.threatbook.com/v5/vul/6fcda1dc110a7e0eaa20f87d114d4c75ce7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

33

海康威视iVMS8700文件上传漏洞(XVE-2022-23887)

https://x.threatbook.com/v5/vul/288eab4c65b4f22f510396ebcfef141ece7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

34

CVE-2023-27524 Apache Superset 身份认证绕过漏洞(XVE-2023-7400)

https://x.threatbook.com/v5/vul/7ff2f9a13220d6e20605032160922fb4bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

35

CVE-2023-28432 MinIO信息泄露漏洞(XVE-2023-5406)

https://x.threatbook.com/v5/vul/c16b73fb8e8ec7023b1090ad607088bbbf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

36

CVE-2022-26133 Bitbucket Data Center远程代码执行漏洞(XVE-2022-4995)

https://x.threatbook.com/v5/vul/c45c04d97db1774eec9c7f02bf5808cebf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

37

CNVD-2022-10270 向日葵个人版 for Windows存在命令执行漏洞 (XVE-2022-3757)
https://x.threatbook.com/v5/vul/5fba5773073e0c459743a52b9098f6cdbf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

38

CVE-2022-1388 F5 BIG-IP命令执行漏洞(XVE-2022-9088)
https://x.threatbook.com/v5/vul/eb08b4d2cfcc75a64b50b933bd5342edbf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

39

CNVD-2023-27598 Apache Solr代码执行漏洞(XVE-2023-7001)
https://x.threatbook.com/v5/vul/1552848484f0d193d4ccb68a846c2002bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

40

CVE-2022-24706 Apache CouchDB访问控制错误漏洞(XVE-2022-3316)
https://x.threatbook.com/v5/vul/bfd6401073fde6899ff0f47501dca0d4bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

41

CVE-2022-25845 Fastjson 1.2.8反序列化漏洞(XVE-2022-4558)
https://x.threatbook.com/v5/vul/e66d9c88a8d3db91cb3f3171c3d94370bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

42

CVE-2022-40127 Apache Airflow代码注入漏洞(XVE-2022-21798)
https://x.threatbook.com/v5/vul/569fb0fab7cfeddc39240da57042aae5ce7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

43

蓝凌EKP远程代码执行漏洞(XVE-2022-15945)

https://x.threatbook.com/v5/vul/b93de9e94654106baaf63a2e007f6ffece7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

44

蓝凌OA datajson.js远程代码执行漏洞(XVE-2023-8799)

https://x.threatbook.com/v5/vul/29a342e6af90ff8d22cec19ee0ab7921bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

45

泛微E-Office任意文件上传(XVE-2023-8377)

https://x.threatbook.com/v5/vul/46f8e8ef83e8722d1f5be96338798d2bbf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

46

宏景人力资源信息管理系统 codesettree SQL注入漏洞(XVE-2023-8560)
https://x.threatbook.com/v5/vul/d71fcabf1900b92d9cc92e9ce39effaabf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

47

CVE-2023-25157 GeoServer SQL注入漏洞(XVE-2023-3986)
https://x.threatbook.com/v5/vul/cac52c86933dcedc57935c0bc89abba9bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

48

CVE-2021-44228 Apache Log4j2远程代码执行漏洞(XVE-2021-40836)
https://x.threatbook.com/v5/vul/a577ced6e625db6cf96debedc671e724ce7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

49

CVE-2022-42889 Apache Commons Text任意代码执行漏洞(XVE-2022-25017)
https://x.threatbook.com/v5/vul/aa7007b53594dc86ca86fcd7e444f6b2ce7d843da6756be22cfdbe5ab56175c15d30accd46b0bfeedda1a716f737bff7?source=vul

50

CVE-2023-25690 Apache HTTP Server请求走私漏洞(XVE-2023-4492)

https://x.threatbook.com/v5/vul/76bcefdb71abcd16220f78a7994711a5bf1d3b070fdee87dec7cbaf800e9839784bcc020817f3a5ea2edd7caa913c7d2?source=vul

微步漏洞情报订阅服务

微步漏洞情报订阅服务是由微步漏洞团队面向企业推出的一项高级分析服务,致力于通过微步自有产品强大的高价值漏洞发现和收集能力以及微步核心的威胁情报能力,为企业提供0day漏洞预警、最新公开漏洞预警、漏洞分析及评估等漏洞相关情报,帮助企业应对最新0day/1day等漏洞威胁并确定漏洞修复优先级,快速收敛企业的攻击面,保障企业自身业务的正常运转。

X 漏洞奖励计划

“X漏洞奖励计划”是微步X情报社区推出的一款0day漏洞奖励计划,我们鼓励白帽子提交挖掘到的0day漏洞,并给予白帽子可观的奖励。我们期望通过该计划与白帽子共同努力,提升0day防御能力,守护数字世界安全。

点击文末“阅读原文”,即可查看活动详情。



文章来源: https://govuln.com/news/url/m0Bg
如有侵权请联系:admin#unsafe.sh