PoC for CVE-2020-6207 [Fixed] (Missing Authentication Check in SAP Solution Manager)

XMAN

Active member
PoC for CVE-2020-6207 [Fixed] (Missing Authentication Check in SAP Solution Manager) #1
Yesterday i was reading a article in zdnet about a fresh exploit and PoC that allow remote code execution with the possibility to completely automate the exploitation. The PoC is easy to use and it only require some command lines to check if a host is vulnerable or not. If vulnerable it can execute exes.

View the article:
https://www.zdnet.com/article/automated-...-the-wild/

Note: The file is almost equal to the original but there is some fixes. Credits removed, User-Agent in the payload had a tracking code which was removed too.

Download:
https://anonfiles.com/X5QfD9Bap8/SAP_CVE-2020-6207_zip
 
Top