SolarWinds NPMÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2021-31474£©

°ä²¼¹¦·ò 2021-05-26

0x00 ·ì϶¸ÅÊö

CVE  ID

CVE-2021-31474

ʱ    ¼ä

2021-05-26

Àà   ÐÍ

RCE

µÈ    ¼¶

ÑϳÁ

Ô¶³ÌÀûÓÃ

ÊÇ

Ó°ÏìÁìÓò

2020.2.1

PoC/EXP

δ¹«¿ª

ÔÚÒ°ÀûÓÃ

·ñ

 

0x01 ·ì϶ÏêÇé

image.png

 

SolarWinds Network Performance Monitor£¨NPM£©ÊǼ¯ÍøÂç¼à²â¡¢É豸»úÄÜÊØ»¤ÖÎÀí¡¢¹ÊÕϼà¿Ø¡¢ÍøÂçʵʱÁ÷Á¿¼à¿ØºÍº¹ÇàÊý¾Ýͳ¼Æ¡¢»ã×ܺͺ¹ÇàÊý¾Ý·ÖÎöµÈÖ°ÄÜÓÚÒ»ÌåµÄÍøÂçÖÎÀíϵͳ ¡£¡£¡£¡£¡£

2021Äê05ÔÂ20ÈÕ£¬£¬£¬ £¬ £¬Zero Day Initiative¹«¿ªÅû¶ÁËSolarWinds Network Performance MonitorÖеÄÒ»¸öÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2021-31474£©£¬£¬£¬ £¬ £¬ÆäCVSSÆÀ·ÖΪ9.8 ¡£¡£¡£¡£¡£

¸Ã·ì϶´æÔÚÓÚSolarWinds.Serialization¿âÖУ¬£¬£¬ £¬ £¬ÓÉÓÚ¶ÔÓû§ÌṩµÄÊý¾Ý²»×ãÕýÈ·ÑéÖ¤£¬£¬£¬ £¬ £¬µ¼Ö²»ÐÅÀµÊý¾ÝµÄ·´ÐòÁл¯ ¡£¡£¡£¡£¡£³É¹¦ÀûÓô˷ì϶µÄ¹¥»÷ÕßÄܹ»ÔÚϵͳ¸ßµÍÎÄÖÐÖ´ÐÐËÁÒâ´úÂ룬£¬£¬ £¬ £¬¶øÎÞÐè¾­¹ýÉí·ÝÑéÖ¤ ¡£¡£¡£¡£¡£

 

Ó°ÏìÁìÓò

SolarWinds Network Performance Monitor 2020.2.1

 

0x02 ´ëÖý¨Òé

Ä¿Ç°SolarWindsÒѾ­½¨¸´Á˸÷ì϶£¬£¬£¬ £¬ £¬½¨Ò龡¿ì½øÐÐÉý¼¶¸üР¡£¡£¡£¡£¡£

ÏÂÔØÁ´½Ó£º

https://documentation.solarwinds.com/en/success_center/sam/content/release_notes/sam_2020-2-5_release_notes.htm

 

0x03 ²Î¿¼Á´½Ó

https://www.zerodayinitiative.com/advisories/ZDI-21-602/

https://nvd.nist.gov/vuln/detail/CVE-2021-31474

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31474

 

0x04 ¹¦·òÏß

2021-05-20  ZDI¹«¿ªÅû¶·ì϶

2021-05-26  VSRC°ä²¼°²È«¹«¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/

image.png