YonYou NC Arbitrary File Upload Scanner
Detects 'Arbitrary File Upload' vulnerability in YonYou NC.
Short Info
- Level: Critical
- Single Scan: Single Scan
- Can be used by: Asset Owner
- Estimated Time: 10 seconds
- Time Interval: 8 days 2 hours
- Scan only one: Domain, IPv4, Subdomain
- Toolbox: -
The YonYou NC software is utilized by businesses to streamline operations through integrated management systems. It is widely used in accounting, finance, human resources, and other administrative functionalities within organizations. Enterprises rely on YonYou NC to manage complex tasks and information flows efficiently. It serves a crucial role in resource planning, data analysis, and decision-making. Its widespread use in various sectors highlights its importance in enhancing enterprise productivity. The system is designed to support large-scale operational needs, making it a valuable tool for corporate management.
The vulnerability in question, Arbitrary File Upload, allows attackers to upload malicious files to the server hosting the application, which can be leveraged to gain unauthorized access or execute malicious code. Files introduced this way can alter or damage server processes. The vulnerability arises from improper handling of file uploads in the application: files outside the permitted types or formats bypass its security checks. It is critical because it potentially allows attackers to compromise the server's integrity, and it considerably heightens the risk of security breaches within the application.
Technically, the vulnerable endpoint is accept.jsp. This file improperly processes incoming file uploads: it fails to adequately verify file types and content, so potentially dangerous files can be uploaded. Variables such as "upload" and "fname" in the POST request are exploited to upload and rename malicious scripts on the server. The payload also contains an application directory path that controls where the file is stored, and attackers manipulate it so that the file lands in an unintended location. These paths enable attackers to pivot and deploy further code execution attacks. The net effect is arbitrary code execution through scripts placed on the server.
When exploited, this vulnerability can result in severe impacts such as unauthorized code execution, server compromise, and data breaches. Attackers who gain control over the server can manipulate or extract sensitive data, causing significant information security incidents. The compromised system could also be used as a vector to launch further attacks on connected networks. Exploitation can disrupt service availability, leading to operational and reputational damage for affected organizations. The potential for server takeover and unauthorized actions underscores the critical need for secure file handling practices.
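One way to check upload requests for the pattern described above, as an added example that is not the scanner's or the vendor's code: it parses a multipart POST to accept.jsp and flags a client-supplied name in "fname" or "upload" that carries a path component or a server-executable extension. The request path /app/accept.jsp, the extension list and the sample request bodies are constructed assumptions.

```python
import re
from email import message_from_bytes
from pathlib import PurePosixPath

# Assumption: extensions a Java servlet container may execute or deploy.
EXECUTABLE_EXT = {".jsp", ".jspx", ".jspf", ".war"}

def form_fields(content_type, body):
    """Parse multipart/form-data into {field name: (filename, value bytes)}."""
    head = b"Content-Type: " + content_type.encode() + b"\r\n\r\n"
    fields = {}
    for part in message_from_bytes(head + body).walk():
        name = part.get_param("name", header="content-disposition")
        if name:
            fields[name] = (part.get_filename() or "", part.get_payload(decode=True) or b"")
    return fields

def inspect_upload(path, content_type, body):
    """Return findings for one POST; an empty list means nothing suspicious."""
    if not path.split("?")[0].lower().endswith("/accept.jsp"):
        return []
    fields = form_fields(content_type, body)
    fname = fields.get("fname", ("", b""))[1].decode("utf-8", "replace").strip()
    upload_name = fields.get("upload", ("", b""))[0]
    findings = []
    for label, value in (("fname", fname), ("upload filename", upload_name)):
        if re.search(r"[\\/]|\.\.", value):
            findings.append(f"{label}: path component in client-supplied name")
        # Trailing dots/spaces are dropped by some filesystems, so strip them first.
        ext = PurePosixPath(value.replace("\\", "/").rstrip(". ")).suffix.lower()
        if ext in EXECUTABLE_EXT:
            findings.append(f"{label}: server-executable extension {ext}")
    return findings

def sample_request(fname, filename):
    """Constructed multipart body with the two fields named on this page."""
    ctype = "multipart/form-data; boundary=XBOUND"
    body = (
        f'--XBOUND\r\nContent-Disposition: form-data; name="upload"; filename="{filename}"\r\n'
        f"Content-Type: text/plain\r\n\r\nconstructed sample content\r\n"
        f'--XBOUND\r\nContent-Disposition: form-data; name="fname"\r\n\r\n{fname}\r\n'
        "--XBOUND--\r\n"
    ).encode()
    return ctype, body

if __name__ == "__main__":
    for fname in ("q3-report.pdf", "../../sample.jsp"):
        print(fname, inspect_upload("/app/accept.jsp", *sample_request(fname, "notes.txt")))
```

The same checks belong in the upload handler itself, where a request with any finding is rejected before anything is written to disk.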
REFERENCES
- http://wiki.peiqi.tech/wiki/oa/%E7%94%A8%E5%8F%8BOA/%E7%94%A8%E5%8F%8B%20GRP-U8%20Proxy%20SQL%E6%B3%A8%E5%85%A5%20CNNVD-201610-923.html
- https://mp.weixin.qq.com/s?__biz=MzkyMTMwNjU1Mg==&chksm=c184c6a1f6f34fb788437557f0e7708c74b16928e5973772db09b12067f10cf28b108701f67a&idx=1&lang=zh_CN&mid=2247488118&sn=16217c422eafc656df5fcacee9aa2153&token=857848930#rd