SolarWinds NPMÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2021-31474£©

°ä²¼¹¦·ò 2021-05-26

0x00 ·ì϶¸ÅÊö

CVE  ID

CVE-2021-31474

ʱ    ¼ä

2021-05-26

Àà   ÐÍ

RCE

µÈ    ¼¶

ÑϳÁ

Ô¶³ÌÀûÓÃ

ÊÇ

Ó°ÏìÁìÓò

2020.2.1

PoC/EXP

δ¹«¿ª

ÔÚÒ°ÀûÓÃ

·ñ

 

0x01 ·ì϶ÏêÇé

image.png

 

SolarWinds Network Performance Monitor£¨NPM£©ÊǼ¯ÍøÂç¼à²â¡¢É豸»úÄÜÊØ»¤ÖÎÀí¡¢¹ÊÕϼà¿Ø¡¢ÍøÂçʵʱÁ÷Á¿¼à¿ØºÍº¹ÇàÊý¾Ýͳ¼Æ¡¢»ã×ܺͺ¹ÇàÊý¾Ý·ÖÎöµÈÖ°ÄÜÓÚÒ»ÌåµÄÍøÂçÖÎÀíϵͳ¡£

2021Äê05ÔÂ20ÈÕ £¬Zero Day Initiative¹«¿ªÅû¶ÁËSolarWinds Network Performance MonitorÖеÄÒ»¸öÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2021-31474£© £¬ÆäCVSSÆÀ·ÖΪ9.8¡£

¸Ã·ì϶´æÔÚÓÚSolarWinds.Serialization¿âÖÐ £¬ÓÉÓÚ¶ÔÓû§ÌṩµÄÊý¾Ý²»×ãÕýÈ·ÑéÖ¤ £¬µ¼Ö²»ÐÅÀµÊý¾ÝµÄ·´ÐòÁл¯¡£³É¹¦ÀûÓô˷ì϶µÄ¹¥»÷ÕßÄܹ»ÔÚϵͳ¸ßµÍÎÄÖÐÖ´ÐÐËÁÒâ´úÂë £¬¶øÎÞÐè¾­¹ýÉí·ÝÑéÖ¤¡£

 

Ó°ÏìÁìÓò

SolarWinds Network Performance Monitor 2020.2.1

 

0x02 ´ëÖý¨Òé

Ä¿Ç°SolarWindsÒѾ­½¨¸´Á˸÷ì϶ £¬½¨Ò龡¿ì½øÐÐÉý¼¶¸üС£

ÏÂÔØÁ´½Ó£º

https://documentation.solarwinds.com/en/success_center/sam/content/release_notes/sam_2020-2-5_release_notes.htm

 

0x03 ²Î¿¼Á´½Ó

https://www.zerodayinitiative.com/advisories/ZDI-21-602/

https://nvd.nist.gov/vuln/detail/CVE-2021-31474

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31474

 

0x04 ¹¦·òÏß

2021-05-20  ZDI¹«¿ªÅû¶·ì϶

2021-05-26  VSRC°ä²¼°²È«¹«¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/

image.png