CVE-2022-23389: Arbitrary command execution vulnerability（任意命令执行漏洞） · Issue #59 · sanluan/PublicCMS

PublicCMS v4.0 Value parameter has command execution vulnerability****Vulnerability Type :

command execution

Vulnerability Version :

4.0

##Vulnerability location：
PublicCMS-4.0.202107.c/publiccms-parent/publiccms-core/src/main/java/com/publiccms/co
ntroller/admin/sys/SysSiteAdminController.java:249

Vulnerability Description AND recurrence:

Manual audit of publiccms source code，a command execution vulnerability was discovered

Vulnerable link 1: PublicCMS-4.0.202107.c/publiccms-parent/publiccms-core/src/main/java/com/publiccms/contr
oller/admin/sys/SysSiteAdminController.java:211

parameters is the source of taint, value:<>（parameters是污点来源，value:<>）

Vulnerable link 2：PublicCMS-4.0.202107.c/publiccms-parent/publiccms- core/src/main/java/com/publiccms/controller/admin/sys/SysSiteAdminController.java:223

The stain is passed from parameters to cmdarray, value:<>（污点从parameters传递至cmdarray，value:<>）

Vulnerable link 3：PublicCMS-4.0.202107.c/publiccms-parent/publiccms-core/src/main/java/com/publiccms/contr
oller/admin/sys/SysSiteAdminController.java:249
RCE type risk trigger, caused by the input parameter cmdarray, value:<> (RCE类型风险触发，由入参cmdarray导致，value:<>)