CVE-2023-43268: GitHub - Fliggyaaa/DeYue-remote-vehicle-management-system

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

1 branch 0 tags

Code

• Use Git or checkout with SVN using the web URL.

• Open with GitHub Desktop

• Download ZIP

Latest commit

FilesPermalink

Failed to load latest commit information.

Type

Name

Latest commit message

Commit time

DeYue-remote-vehicle-management-system

##[CVE ID]

CVE-2023-43268

##[PRODUCT]

DeYue-remote-vehicle-management-system

##[VERSION]

1.1

##[PROBLEM TYPE]

Shiro deserialization

##[DESCRIPTION]

The DeYue vehicle management system adopts the Shiro framework and adopts a default key. Users can obtain system permissions by using Shiro deserialization

Disclaimers: This article is for safety communication and learning. Do not use the methods and ideas in this article to engage in illegal activities

The login of this target adopts the shiro framework, which directly uses the default key and utilizes the chain to directly obtain system permissions Obtain root privileges