SAP Solution Manager Command Injection Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system monitoring, remote support services and SAP product component upgrades and other functions. SAP Solution Manager version 720 suffers from a command injection vulnerability that stems from the application failing to properly filter construct command special characters, commands, and so on. An attacker could use this vulnerability to read or modify data from the same or other components using an unrecommended function module.