漏洞描述
SAP NetWeaver ASJAVA(LM配置向导),版本7.30、7.31、7.40、7.50,不执行身份验证检查,这允许未经事先身份验证的攻击者执行配置任务,以对SAPJAVA系统执行关键操作,包括创建管理用户的能力,从而损害机密性,系统的完整性和可用性。 # userName - sapRpoc6351 # password- Secure!PwD8890
SAP NetWeaver AS JAVA 7.30-7.50 管理员用户添加(CVE-2020-6287)
PoC代码
暂无相关漏洞推荐
-
CVE-2017-12149: Java/Jboss Deserialization [RCE] POC
2025-09-01 | Java JbossIn Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was foun... -
javamelody-detect: JavaMelody Monitoring Exposed POC
2025-09-01 | JavaMelodyJavaMelody is a tool used to monitor Java or Java EE applications in QA and production environments.... -
CVE-2013-3827: Javafaces LFI POC
2025-08-01 | JavafacesAn Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.... -
CVE-2020-10199: Nexus Repository before 3.21.2 allows JavaEL Injection POC
2025-09-01 | Nexus Repository漏洞触发需要任意账户权限 body="Nexus Repository Manager" app="Nexus-Repository-Manager" -
CVE-2020-11455: LimeSurvey 4.1.11 - Path Traversal POC
2025-09-01 | LimeSurveyLimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/a...