| Title | Apereo CAS v5.2.6 Remote Arbitrary Code Execution |
|---|---|
| Description | 1. Vulnerability name:<br>Apereo CAS v5.2.6 Groovy Remote Arbitrary Code Execution Vulnerability<br>2. Vulnerability discoverers and contributors: 蔡超雄 (caichaoxiong)<br>3. Vulnerability level: High<br>4. Impact: v5.2.6<br>5. Vulnerability location: saveService interface of Apereo cas-management<br>6. Vulnerability description:<br>Arbitrary Groovy code can be executed through the saveService interface of cas-management, resulting in remote arbitrary code execution.<br>7. Vulnerability discovery process:<br>Vulnerability exploitation conditions:<br>(1) cas-server has enabled the extended support for dynamic registration of services (dynamic registration of services is not enabled by default);<br>(2) You need to deploy the cas-management management backend, have the account and password of the management backend, and have the authority to access the saveService interface;<br>(3) Modify the application.properties configuration to enable status and have permission to access the CAS Dashboard of the cas-server (the CAS Dashboard allows access through 127.0.0.1 by default). |
| Source | https://wx.mail.qq.com/s?k=ilW4ixcMaVgGU49Dij |
| User | caichaoxiong (UID 84060) |
| Submission | 12.04.2025 15:49 (1 year ago) |
| Moderation | 26.04.2025 10:07 (14 days later) |
| Status | Accepted |
| VulDB Entry | 306320 [Apereo CAS 5.2.6 Groovy Code RegisteredServiceSimpleFormController.java saveService privilege escalation] |
| Points | 17 |