Shulou(Shulou.com)06/01 Report--

At present, Apple CMS officials are constantly upgrading patches, and the latest official bug patches have no effect on the new vulnerabilities that have broken out. Users who update the patch will still be attacked by hanging horses, so many customers come to our SINE Security to seek technical support for website security. We have unique security solutions for this vulnerability and protection against hanging horse attacks, including some undisclosed maccms POC vulnerabilities.

At present, maccms is officially reminded by Baidu URL Security Center that the site may be attacked by hackers, and some pages have been illegally tampered with! Access to Apple's official website has been suspended for special reasons, and access to the content is banned, but the updated URL of the upgrade patch can still be opened.

The screenshot is as follows:

Details of Apple CMS vulnerabilities:

Apple CMS V8 V10 version has code reinstallation vulnerabilities, code backdoor vulnerabilities and arbitrary file deletion vulnerabilities. Through the information security vulnerability notification of CNVD-2019-43865, you can confirm that maccms V10 has vulnerabilities, you can forge malicious code and send it to the back end of the website for execution, you can delete any files under the website directory, delete the configuration files that reinstall Apple CMS system, and cause the maccms system to be reinstalled. And during the installation process, insert sql injection code into the database to execute and obtain webshell and server permissions.

There is a backdoor loophole in the source code of Apple CMS V8 V10. Through the testing of our SINE security technology, we found that the reason for the backdoor is that Baidu searches Apple's official website, maccms official, and the sites that rank on the front page of Baidu search are all fake websites. The real official website address is www.maccms.com, including templates, pictures, and CSS exactly like the real official website. Many customers click on this shanzhai website to download the source code, which hides the Trojan backdoor file, which Ali Yun cannot detect.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.