| शीर्षक | Kingdee Cloud-Starry-Sky Enterprise Edition V8.2 Remote Arbitrary Code Execution Vulnerability ( RCE ) |
|---|
| विवरण | 1.Vulnerability Name
Remote Arbitrary Code Execution Vulnerability (RCE) of Kingdee Cloud-Starry-Sky Enterprise Edition
2.Vulnerability contributor and submitter: caichaoxiong
3.Manufacturer and product information:
Manufacturer information: https://www.kingdee.com/products/galaxy.html
4.Vulnerability Level
Critical.
5.Vulnerability Description
ScriptEngine is part of the Java platform of Kingdee Cloud Star application software, located in the javax.script package, and can provide a standard way to execute scripting languages, including JavaScript, Python, Groovy, etc. When processing user input, the ScriptEngine of Kingdee Cloud Star BBC Mall (Tomcat-BBCMallSite) has a security defect. Attackers can inject malicious code without authentication and execute arbitrary code on the server side , resulting in a remote arbitrary code execution vulnerability (RCE). It can obtain sensitive data information of the Kingdee Cloud Star server , control the application system , penetrate the intranet, etc., which is serious.
6.Repair Plan
Avoid using the JS engine of the backend service to directly execute arbitrary data input by the user . Any data input or passed in by the user is considered untrustworthy and needs to be filtered and encoded. |
|---|
| स्रोत | ⚠️ https://wx.mail.qq.com/s?k=nHPdhBg6RWIQsQ6rEP |
|---|
| उपयोगकर्ता | caichaoxiong (UID 84060) |
|---|
| सबमिशन | 21/06/2025 07:04 AM (10 महीनों पहले) |
|---|
| संयम | 28/09/2025 11:49 AM (3 months later) |
|---|
| स्थिति | प्रतिलिपि |
|---|
| VulDB प्रविष्टि | 318642 [Kingdee Cloud-Starry-Sky Enterprise Edition तक 8.2 IIS-K3CloudMiniApp FileUploadAction.class filePath निर्देशिका ट्रैवर्सल] |
|---|
| अंक | 0 |
|---|