{"uuid": "b95ba256-a075-4e6a-ae2d-9d9548352444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41678", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/55456", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1awebshell\n\u63cf\u8ff0\uff1aCVE-2022-41678 \u662f Apache ActiveMQ \u4e2d\u7684\u4e00\u4e2a\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7 JMX (Java Management Extensions) \u63a5\u53e3\u4fee\u6539 Log4j \u914d\u7f6e\u6216 JFR (Java Flight Recorder) \u914d\u7f6e\uff0c\u4ece\u800c\u5199\u5165\u6076\u610f\u7684 JSP webshell \u5230\u670d\u52a1\u5668\u7684 web \u76ee\u5f55\u4e2d\uff0c\u6700\u7ec8\u5b9e\u73b0\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\nURL\uff1ahttps://github.com/URJACK2025/CVE-2022-41678\n\n\u6807\u7b7e\uff1a#webshell", "creation_timestamp": "2025-10-14T14:25:33.000000Z"}