CVE-2019-12747：TYPO3 9.5.7 RCE漏洞分析

PGg1IGNsYXNzPSJhbGVydC1oZWFkaW5nIj7or5Hmloflo7DmmI48L2g1PjxwPuacrOaWh+aYr+e/u+ivkeaWh+eroO+8jOaWh+eroOWOn+S9nOiAhXJpcHN0ZWNo77yM5paH56ug5p2l5rqQ77yaYmxvZy5yaXBzdGVjaC5jb20gJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7PGJyLz7ljp/mloflnLDlnYDvvJpodHRwczovL2Jsb2cucmlwc3RlY2guY29tLzIwMTkvdHlwbzMtb3ZlcnJpZGluZy10aGUtZGF0YWJhc2UKICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDs8L3A+PGhyLz48cCBjbGFzcz0ibWItMCI+6K+R5paH5LuF5L6b5Y+C6ICD77yM5YW35L2T5YaF5a656KGo6L6+5Lul5Y+K5ZCr5LmJ5Y6f5paH5Li65YeGPC9wPjxkaXYgY2xhc3M9ImFydGljbGUtY29udGVudCI+PHA+PGltZyBzcmM9Imh0dHBzOi8vYmJzLnprYXEuY24vdXBsb2FkL3VzZXJmaWxlLzYzOS9kODY4NGM3YWFkOTkyMzNkYzMxYjIwYzE4ZWU3ZmJlOC5wbmciLz48YnIvPjwvcD48cD4mbmJzcDs8L3A+PGgyIGlkPSJoMi0wIj4weDAxIOamgui/sDwvaDI+PHA+5Zyo5pys5paH5Lit77yM5oiR5Lus56CU56m2VFlQTzMgQ01T55qE5qC45b+D5Lit55qE5LiA5Liq5YWz6ZSu5ryP5rSe77yM6K+l5ryP5rSe6YCa6L+H5Luj56CB5a6h6K6h5oyW5o6Y6ICM5Ye644CC6K+l5ryP5rSe5L2/5b6X57uP6L+H6Lqr5Lu96aqM6K+B55qE55So5oi36IO95aSf5Zyo5bqV5bGC57O757uf5LiK5omn6KGM5Lu75oSPUEhQ5Luj56CB44CCPC9wPjxwPuWPl+ivpea8j+a0nuW9seWTjeeahOeJiOacrOaYr1RZUE8zIDgueOWIsDguNy4yNu+8jOS7peWPilRZUE8zIDkueOWIsDkuNS4344CC5a+55LiN5Y+v5L+h5pWw5o2u55qE5Y+N5bqP5YiX5YyW5Lya5a+86Ie06L+c56iL5Luj56CB5omn6KGM5ryP5rSe77yM6K+l5ryP5rSe5Y+v5Lul5LiO5ZCO56uv5Lit5qOA5rWL5Yiw55qE6Leo56uZ6ISa5pys5ryP5rSeKENWRS0yMDE5LTEyNzQ4KeebuOe7k+WQiOOAgjwvcD48cD5SSVDmiavmj4/miqXlkYrvvIhodHRwczovL2RlbW8ucmlwc3RlY2guY29tL3NjYW4vMTA5LzE2Ne+8iTwvcD48cD4mbmJzcDs8L3A+PGgyIGlkPSJoMi0xIj4weDAyIOS9v+eUqHBheWxvYWTopobnm5bmlbDmja7lupM8L2gyPjxwPuWcqFRZUE8z55qE5ZCO56uv6YOo5YiG5L+d5a2Y5Lu75L2V6KGo5Y2V5pe25bCG5Lya5Y+R55Sf5q2k5ryP5rSe44CC5L6L5aaC77yM5aaC5p6c55So5oi35L+u5pS55LqGcGFnZXPpg6jliIbvvIzliJnlj6/ku6Xku45UWVBPM+eahFNRTOaVsOaNruW6k+S4reaPkOWPluimgee8lui+keeahOaVsOaNruW5tuWwhuWFtuWGmeWbnuaVsOaNruW6k+OAguWcqOS7juaVsOaNruW6k+iOt+WPluaVsOaNruS5i+WQju+8jOW6lOeUqOmAu+i+keWFgeiuuOmAmui/h+eUqOaIt+eahOi+k+WFpeimhuebluaJgOiOt+WPluaVsOaNrueahOWNleWIl+OAguatpOeJueW+geWFgeiuuOe7j+i/h+i6q+S7vemqjOivgeeahOaBtuaEj+WQjuerr+eUqOaIt+imhuebluWMheWQq+W6j+WIl+WMluaVsOaNrueahOaVsOaNruW6k+WAvO+8jOi/meS6m+aVsOaNrueojeWQjuS8muWPjeW6j+WIl+WMluOAgui/meWwhuS8muWvvOiHtFBIUOWvueixoeazqOWFpe+8jOacgOe7iOaUu+WHu+iAheWPr+S7pei/nOeoi+aJp+ihjOS7o+egge+8iENWRS0yMDE5LTEyNzQ377yJ44CCPC9wPjxwPuaUu+WHu+inhumike+8iGh0dHBzOi8vYmxvZy5yaXBzdGVjaC5jb20vdmlkZW9zL3R5cG8zXzk1Ny5tcDTvvIk8L3A+PHA+Jm5ic3A7PC9wPjxoMiBpZD0iaDItMiI+MHgwMyDmioDmnK/nu4boioI8L2gyPjxwPuWcqFRZUE8z5Lit5L+d5a2Y5ZCO56uv6KGo5Y2V5pe277yM5bCG6LCD55SoJGZvcm1EYXRhQ29tcGlsZXLlr7nosaHnmoRjb21waWxlKCnmlrnms5XjgILlj4LmlbDmmK/kuIDkuKrkvb/nlKjnlKjmiLfovpPlhaXloavlhYXnmoTmlbDnu4TvvIzlpoLkuIvnrKw46KGM5omA56S644CCPC9wPjxwPnR5cG8zL3N5c2V4dC9iYWNrZW5kL0NsYXNzZXMvQ29udHJvbGxlci9FZGl0RG9jdW1lbnRDb250cm9sbGVyLnBocDwvcD48cHJlIGNsYXNzPSJwdXJlLWhpZ2hsaWdodGpzIj48P3BocCZuYnNwOyZuYnNwOyR0aGlzLT5vdmVycmlkZVZhbHMmbmJzcDs9Jm5ic3A7JHBhcnNlZEJvZHlbJiMzOTtvdmVycmlkZVZhbHMmIzM5O10mbmJzcDs/PyZuYnNwOwombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDskcXVlcnlQYXJhbXNbJiMzOTtvdmVycmlkZVZhbHMmIzM5O10mbmJzcDs/PyZuYnNwO251bGw7CiZuYnNwOyZuYnNwOy8vJm5ic3A7Li4uJm5ic3A7Jm5ic3A7Jm5ic3A7JGZvcm1EYXRhQ29tcGlsZXJJbnB1dFsmIzM5O292ZXJyaWRlVmFsdWVzJiMzOTtdJm5ic3A7PSZuYnNwOyR0aGlzLT5vdmVycmlkZVZhbHNbJHRhYmxlXTsKJm5ic3A7Jm5ic3A7JGZvcm1EYXRhJm5ic3A7PSZuYnNwOyRmb3JtRGF0YUNvbXBpbGVyLT5jb21waWxlKCRmb3JtRGF0YUNvbXBpbGVySW5wdXQpOzwvcHJlPjxwPuivpeaWueazleS9v+eUqGZvci1sb29w6YGN5Y6G5LiA5Liq5pyJ5bqP55qERm9ybURhdGFQcm92aWRlcuWvueixoeWIl+ihqO+8jOW5tuaMiemhuuW6j+WcqOavj+S4qiRwcm92aWRlcuWvueixoeS4iuiwg+eUqGFkZERhdGEoKeaWueazleOAgjwvcD48cD50eXBvMy9zeXNleHQvYmFja2VuZC9DbGFzc2VzL0Zvcm0vRm9ybURhdGFHcm91cC9PcmRlcmVkUHJvdmlkZXJMaXN0LnBocDwvcD48cHJlIGNsYXNzPSJwdXJlLWhpZ2hsaWdodGpzIj48P3BocHB1YmxpYyZuYnNwO2Z1bmN0aW9uJm5ic3A7Y29tcGlsZShhcnJheSZuYnNwOyRyZXN1bHQpOiZuYnNwO2FycmF5ewombmJzcDsmbmJzcDsvLyZuYnNwOy4uLiZuYnNwOyZuYnNwO2ZvcmVhY2gmbmJzcDsoJG9yZGVyZWREYXRhUHJvdmlkZXImbmJzcDthcyZuYnNwOyRwcm92aWRlckNsYXNzTmFtZSZuYnNwOz0+Jm5ic3A7JHByb3ZpZGVyQ29uZmlnKSZuYnNwO3sKJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Ly8mbmJzcDsuLi4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDskcmVzdWx0Jm5ic3A7PSZuYnNwOyRwcm92aWRlci0+YWRkRGF0YSgkcmVzdWx0KTsKJm5ic3A7Jm5ic3A7fQombmJzcDsmbmJzcDtyZXR1cm4mbmJzcDskcmVzdWx0Owp9PC9wcmU+PHA+5aaC5LiK5Luj56CB55qE56ysOeihjO+8jCRwcm92aWRlci0+YWRkRGF0YSgp55qE5Y+C5pWwJHJlc3VsdOWcqOS4i+mdoueahGFkZERhdGEoKeaWueazleiwg+eUqOS9nOS4uuWFtuWPguaVsOOAguWcqOavj+asoei/reS7o+aXtu+8jOWPmOmHjyRyZXN1bHTooajnpLrmlbDnu4TlnKgkcHJvdmlkZXLlpITnkIblrozlhbblhoXlrrnlkI7ooqvkv67mlLnjgILlhbbkuK3kuIDkuKpwcm92aWRlcnPmmK9EYXRhYmFzZVJlY29yZE92ZXJyaWRlVmFsdWVz57G755qE5LiA5Liq5a6e5L6L77yM6K+l57G75YWB6K646KaG55uW5LuO5pWw57uEJHJlc3VsdOS4reaPkOWPlueahOaVsOaNru+8jOWFtuS4reaVsOe7hOeahOihjOWIl+WAvOWIhuWIq+S4umRhdGFiYXNlUm935ZKM5Lu75oSPa2V55YC844CCPC9wPjxwPnR5cG8zL3N5c2V4dC9iYWNrZW5kL0NsYXNzZXMvRm9ybS9Gb3JtRGF0YVByb3ZpZGVyL0RhdGFiYXNlUmVjb3JkT3ZlcnJpZGVWYWx1ZXMucGhwPC9wPjxwcmUgY2xhc3M9InB1cmUtaGlnaGxpZ2h0anMiPjw/cGhwcHVibGljJm5ic3A7ZnVuY3Rpb24mbmJzcDthZGREYXRhKGFycmF5Jm5ic3A7JHJlc3VsdCl7CiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwO2ZvcmVhY2gmbmJzcDsoJHJlc3VsdFsmIzM5O292ZXJyaWRlVmFsdWVzJiMzOTtdJm5ic3A7YXMmbmJzcDskZmllbGROYW1lJm5ic3A7PT4mbmJzcDskZmllbGRWYWx1ZSkmbmJzcDt7CiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwO2lmJm5ic3A7KGlzc2V0KCRyZXN1bHRbJiMzOTtwcm9jZXNzZWRUY2EmIzM5O11bJiMzOTtjb2x1bW5zJiMzOTtdWyRmaWVsZE5hbWVdKSkmbmJzcDt7CiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyRyZXN1bHRbJiMzOTtkYXRhYmFzZVJvdyYjMzk7XVskZmllbGROYW1lXSZuYnNwOz0mbmJzcDskZmllbGRWYWx1ZTsKJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Ly8mbmJzcDsuLi4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDt9CiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwO30KJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7cmV0dXJuJm5ic3A7JHJlc3VsdDsKfTwvcHJlPjxwPuacgOWQju+8jOS4i+WIl0Zvcm1EYXRhUHJvdmlkZXLlr7nosaHkuYvkuIDlrp7njrDkuoZ1bnNlcmlhbGl6ZSgp5pa55rOV5a+56KKr6KaG55uW5pWw5o2u55qE6LCD55So77yM5LuO6ICM5a+86Ie05ryP5rSe77yaPC9wPjxwPnR5cG8zL3N5c2V4dC9iYWNrZW5kL0NsYXNzZXMvRm9ybS9Gb3JtRGF0YVByb3ZpZGVyL0RhdGFiYXNlTGFuZ3VhZ2VSb3dzLnBocDwvcD48cHJlIGNsYXNzPSJwdXJlLWhpZ2hsaWdodGpzIj48P3BocHB1YmxpYyZuYnNwO2Z1bmN0aW9uJm5ic3A7YWRkRGF0YShhcnJheSZuYnNwOyRyZXN1bHQpewombmJzcDsmbmJzcDsvLyZuYnNwOy4uLiZuYnNwOyZuYnNwO2lmJm5ic3A7KC8qLi4uKi8pJm5ic3A7CiZuYnNwOyZuYnNwO3sKJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7JHJlc3VsdFsmIzM5O2RlZmF1bHRMYW5ndWFnZURpZmZSb3cmIzM5O11bJGRlZmF1bHRMYW5ndWFnZUtleV0mbmJzcDs9Jm5ic3A7dW5zZXJpYWxpemUoCiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyRyZXN1bHRbJiMzOTtkYXRhYmFzZVJvdyYjMzk7XVskcmVzdWx0WyYjMzk7cHJvY2Vzc2VkVGNhJiMzOTtdWyYjMzk7Y3RybCYjMzk7XQombmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDtbJiMzOTt0cmFuc09yaWdEaWZmU291cmNlRmllbGQmIzM5O11dKTs8L3ByZT48cD7ov5nph4zmmK/mnInlhbPlpoLkvZXpgJrov4flt6Xlhbfpk75leHBvaXQgUEhQ5a+56LGh5rOo5YWl55qE5pu05aSa5L+h5oGv55qE6ZO+5o6l77yaIO+8iGh0dHBzOi8vYmxvZy5yaXBzdGVjaC5jb20vMjAxOC9waHAtb2JqZWN0LWluamVjdGlvbu+8iTwvcD48cD4mbmJzcDs8L3A+PGgyIGlkPSJoMi0zIj4weDA0IENWRS0yMDE5LTEyNzQ477ya5Zyo5ZCO56uv55qE5a2Y5YKo5Z6LWFNTPC9oMj48cD5DTVMgVFlQTzPnmoTlkI7nq6/kuK3lrZjlnKjot6jnq5nohJrmnKzmvI/mtJ7vvIhDVkUtMjAxOS0xMjc0OO+8ieOAguacieadg+iuv+mXrlNpdGUgUmVkaXJlY3Rz6YOo5YiG55qE6Z2e54m55p2D55So5oi35Y+v5Lul5Yip55SodDM6Ly/kvKrljY/orq7ms6jlhaXkuIDkuKrmgbbmhI/nmoRVUkzjgII8L3A+PHByZSBjbGFzcz0icHVyZS1oaWdobGlnaHRqcyI+dDM6Ly91cmwvP3VybD1qYXZhc2NyaXB0OmFsZXJ0KDEpOzwvcHJlPjxwPumAmui/h+a3u+WKoOi/meS4queJueWumueahOermeeCue+8jOWPr+S7pemHjeWumuWQkeWPpuS4gOS4quaLpeacieabtOmrmOadg+mZkOeahFRZUE8z55So5oi377yM5LuO6ICM6K+x5L2/5LuW5Lus54K55Ye76Kem5Y+R5oG25oSPSmF2YVNjcmlwdOeahOmTvuaOpeOAguaUu+WHu+iAheWPr+S7peWwhuatpOa8j+a0nuS9nOS4uuWQr+WKqOi/nOeoi+S7o+eggeaJp+ihjOa8j+a0nuaUu+WHu+eahOaUr+eCueOAgjwvcD48cD5UWVBPM+S8mumYu+atoueUqOaIt+WIqeeUqOmTvuaOpeWSjFVSTOS4reWNsemZqeeahGphdmFzY3JpcHQ65Lyq5Y2P6K6u77yM6L+Z5oSP5ZGz552AVFlQTzPlsIbnm7TmjqXmiafooYxKYXZhU2NyaXB044CC5L2G5piv77yM5a6D5bm25LiN6Zi75q2i55So5oi35Yip55SoVFlQTzPnmoTlhoXnva50MzovL+S8quWNj+iuru+8jOivpeWNj+iuruWunueOsOS6huWkmuenjeWKn+iDve+8jOS+i+WmguW8leeUqFRZUE8z5YaF6YOo6aG16Z2i77yM5paH5Lu277yM6YKu5Lu25Zyw5Z2A5oiWVVJMc+OAguWunumZheS4iu+8jOaMh+WumuS4gOS4quiHquWKqOi9rOaNouS4uuWPr+eCueWHu+mTvuaOpeeahFVSTOWwhue7lei/h1RZUE8z55qE55m95ZCN5Y2V77yM6K+l55m95ZCN5Y2V5pyA5Yid55qE5L2c55So5piv6Zi75q2iamF2YXNjcmlwdDrkvKrljY/orq7jgII8L3A+PHA+Jm5ic3A7PC9wPjxoMiBpZD0iaDItNCI+MHgwNSDmgLvnu5M8L2gyPjxwPuacrOaWh+aJgOi/sOeahOa8j+a0nuS8muWvueWFt+acieS4gOS4quaIluWkmuS4qlRZUE8z5ZCO56uv55qE55So5oi355qEVFlQTzPns7vnu5/kuqfnlJ/kuKXph43nmoTlvbHlk43jgILnu4/ov4fouqvku73pqozor4HlubbkuJTlj6/ku6Xorr/pl65QYWdlc+mDqOWIhueahOWQjuerr+eUqOaIt+WPr+S7peWcqOW6leWxgui/nOeoi+ezu+e7n+S4iuaJp+ihjOS7o+eggeOAguaUu+WHu+iAheWPr+S7peWIqeeUqFNpdGUgUmVkaXJlY3Rz5qih5Z2X5Lit55qE6Leo56uZ6ISa5pys5ryP5rSe5L2c5Li65Yip55So5q2k5ryP5rSe55qE5pSv54K544CCPC9wPjxwPiZuYnNwOzwvcD48aDIgaWQ9ImgyLTUiPjB4MDYg5pe26Ze057q/PC9oMj48bGk+MjAxOeW5tDXmnIg55pel77ya5o+Q5Lqk5ryP5rSePC9saT48bGk+MjAxOeW5tDXmnIg55pel77ya5ryP5rSe56Gu6K6kPC9saT48bGk+MjAxOeW5tDXmnIgxMOaXpe+8muS4juWOguWVhuWuieWFqOi0n+i0o+S6uuWNj+iwg+ino+WGs+mXrumimDwvbGk+PGxpPjIwMTnlubQ25pyINuaXpe+8muWOguWVhumAmuefpTbmnIgyNeWPt+WPkeW4g+ihpeS4gTwvbGk+PGxpPjIwMTnlubQ25pyIMjXml6XvvJpUWVBPMyA5LjUuOOihpeS4geWPkeW4gzwvbGk+PHA+Jm5ic3A7PC9wPjxoMiBpZD0iaDItNiI+MHgwNyDlj4LogIPmlofnjK48L2gyPjxwPldvcmRQcmVzcyA1LjEgQ1NSRiB0byBSZW1vdGUgQ29kZSBFeGVjdXRpb27vvJo8L3A+PHA+aHR0cHM6Ly9ibG9nLnJpcHN0ZWNoLmNvbS8yMDE5L3dvcmRwcmVzcy1jc3JmLXRvLXJjZTwvcD48cD5NYWdlbnRvIDIuMy4xOiBVbmF1dGhlbnRpY2F0ZWQgU3RvcmVkIFhTUyB0byBSQ0XvvJo8L3A+PHA+aHR0cHM6Ly9ibG9nLnJpcHN0ZWNoLmNvbS8yMDE5L21hZ2VudG8tcmNlLXZpYS14c3M8L3A+PHA+TXlCQiA8PSAxLjguMjA6IEZyb20gU3RvcmVkIFhTUyB0byBSQ0XvvJo8L3A+PHA+aHR0cHM6Ly9ibG9nLnJpcHN0ZWNoLmNvbS8yMDE5L215YmItc3RvcmVkLXhzcy10by1yY2U8L3A+PHA+V29yZFByZXNzIDUuMC4wIFJlbW90ZSBDb2RlIEV4ZWN1dGlvbu+8mjwvcD48cD5odHRwczovL2Jsb2cucmlwc3RlY2guY29tLzIwMTkvd29yZHByZXNzLWltYWdlLXJlbW90ZS1jb2RlLWV4ZWN1dGlvbjwvcD48cD5DVEYgV3JpdGV1cDogQ29tcGxleCBEcnVwYWwgUE9QIENoYWlu77yaPC9wPjxwPmh0dHBzOi8vYmxvZy5yaXBzdGVjaC5jb20vMjAxOS9jb21wbGV4LWRydXBhbC1wb3AtY2hhaW48L3A+PC9kaXY+PHA+PGJyLz48L3A+PHA+PC9wPjxwPjxici8+PC9wPg==