CVE-2021-26551

An issue was discovered in SmartFoxServer 2.17.0. An attacker can execute arbitrary Python code, and bypass the javashell.py protection mechanism, by creating /config/ConsoleModuleUnlock.txt and editing /config/admin/admintool.xml to enable the Console module...

SmartFoxServer 代码注入漏洞

SmartFoxServer is a software development program for rapid development of multiplayer games and applications via Adobe Flash/Flex/Air, Unity, HTML5, iOS, Universal Windows Platform, Android, Java, C ++, etc. SmartFoxServer is a software development program from SmartFoxServer, USA. The software...

SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution

Exploit Title: SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6...

SmartFoxServer 2X 2.17.0 God Mode Console Remote Code Execution

Summary SmartFoxServer SFS is a comprehensive SDK for rapidly developing multiplayer games and applications with Adobe Flash/Flex/Air, Unity, HTML5, iOS, Universal Windows Platform, Android, Java, C++ and more. SmartFoxServer comes with a rich set of features, an impressive documentation set, ten...