Kingdee-erp-Unserialize-RCE
Overview:
This repository provides proof of concept (POC) and exploit (EXP) for a remote code execution (RCE) vulnerability found in Kingdee ERP's unserialize function.
Key Features:
- Exploits the lack of signature or verification during serialization/deserialization.
- Targets specific vulnerable versions of Kingdee ERP (versions 6.x, 7.x, and 8.x).
Benefits:
- Assists security professionals in identifying and verifying vulnerabilities in Kingdee ERP systems.
- Enhances awareness of potential security issues and the need for proper validation in serialization processes.
Usage:
Includes command examples for checking vulnerabilities and executing commands remotely through the exploit.
