Access Control: Sangfor Log Center - Remote Command Execution¶

Identifier: sangfor_cphp_rce

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Sangfor Log Center is vulnerable to remote code execution, potentially allowing attackers to execute arbitrary commands on the server.

How we test: We test for remote code execution vulnerabilities in Sangfor Log Center by attempting to execute commands through vulnerable endpoints and analyzing responses to detect if arbitrary code execution is possible.

Reference:

https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%B7%B1%E4%BF%A1%E6%9C%8D%20%E6%97%A5%E5%BF%97%E4%B8%AD%E5%BF%83%20c.php%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md?plain=1

Configuration¶

Example¶

Example configuration:

---
security_tests:
  sangfor_cphp_rce:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.