Discuz! X3.4 X3.3 UC(/uc_server/data/tmp) upload execution vulnerability fixes
-
reprinted
- network
- 2018-09-10
- Zhejiang
Discuz! X3.4 X3.3 UC(/uc_server/data/tmp) upload execution bug fix (Alibaba Cloud hot fix): Introduction: In Discuz, uc_key is the communication key for UC client to communicate with the server. There is a code writing vulnerability in/api/uc.php in discuz, which allows hackers to write malicious code to obtain uckey, and eventually enter the background of the website, causing data leakage.
Bug name:
Discuz uc.key disclosure leads to code injection vulnerability
The webmaster reported: After an existing website was recruited,/uc_server/data/tmp was uploaded to the shell
The path of the vulnerability file reported by the webmaster: /api/uc. php
Manual restoration plan:
Editor:
/api/uc.php
Find: (39 lines)
require_once '../ source/class/class_core.php';
Revise to:
require_once '../ source/class/class_core.php'; if (method_exists("C", "app")) { $discuz = C::app(); $discuz->init(); }
Find: (273 lines)
function updateapps($get, $post) {
Revise to:
function updateapps($get, $post) { if($POST@['UC_API']) { $POST@['UC_API'] = addslashes($POST@['UC_API']); }
© Website copyright and disclaimer
1.[honmau Media] independently owns the copyright of all materials on relevant pages of this website;
2. No one is allowed to copy it without the express written permission of [honmau Media];
3. The articles that do not indicate "honmau Media" on this website are all from the Internet and are only for everyone to learn and refer;
4. If there is any infringement/violation/irregularity, please contact customer service QQ or email to delete it, please understand;
5.[honmau Media] reserves the right to correct, modify and update this statement at any time.legal notice
English
简体中文
繁体中文
