Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-0192 PoC — Apache Solr 代码问题漏洞

Source
https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192
Associated Vulnerability
Title:Apache Solr 代码问题漏洞 (CVE-2019-0192)
Description:In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
Description
Apache Solr remote code execution via dataImportHandler
Readme
# Solr-RCE-CVE-2019-0192
Apache Solr remote code execution via dataImportHandler

### Target Solr version: 1.3 – 8.2
Requirements: DataImportHandler should be enabled, which is not by default. I have tested on version 6.2

### python 
python solr_RCE.py
File Snapshot

 [4.0K]  /data/pocs/02464fff0695c82587f83c9f30bfbf9170d8dd5e
├── [ 258]  README.md
└── [2.7K]  solr_RCE.py

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →