SAP Solution Manager Remote Unauthorized OS Commands Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Solution Manager remote unauthorized OS commands execution', 'License' = MSFLICENSE, 'Author' = 'Yvan Genuer', @1ggy The researcher who...

SAP Solution Manager remote unauthorized OS commands execution

This module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet tcsmdagentapplicationeem of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get...

SAP Solution Manager 7.2 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Solution Manager remote unauthorized OS commands execution', 'License' = MSFLICENSE, 'Author' = 'Yvan Genuer', @1ggy The researcher who...

SAP Solution Manager 7.2 Remote Command Execution Exploit

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information abou...