Lucene search
K

14 matches found

Nuclei
Nuclei
added 2 days ago10 views

Sunflower Simple and Personal 1.0.1.43315 - Remote Code Execution

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

9.8CVSS7.4AI score0.56787EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:0 p.m.8 views

CVE-2022-48323

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

9.8CVSS7.6AI score0.56787EPSS
Exploits1
The Hacker News
The Hacker News
added 2023/03/09 2:54 p.m.59 views

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware. AhnLab Security Emergency Response Center ASEC, in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/09 2:54 p.m.2 views

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware. AhnLab Security Emergency Response Center ASEC, in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on...

7.4AI score
Exploits0
NVD
NVD
added 2023/02/13 5:15 a.m.18 views

CVE-2022-48323

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

9.8CVSS9.7AI score0.56787EPSS
Exploits1References3
Prion
Prion
added 2023/02/13 5:15 a.m.17 views

Path traversal

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

7.5CVSS9.6AI score0.56787EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/02/13 12:0 a.m.24 views

CVE-2022-48323

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

9.8AI score0.56787EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.5 views

Sunlogin Sunflower Simplified 路径遍历漏洞

Sunlogin Sunflower is a remote control software from the Chinese company Sunlogin. A security vulnerability exists in Sunlogin Sunflower Simplified version 1.0.1.43315, which stems from the presence of path traversal, and allows remote and unauthenticated attackers to execute arbitrary programs o...

9.8CVSS8.8AI score0.56787EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/02/13 12:0 a.m.6 views

CVE-2022-48323

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

7.6AI score0.56787EPSS
Exploits1References3
CVE
CVE
added 2023/02/13 12:0 a.m.51 views

CVE-2022-48323

Sunlogin Sunflower Simplified (Sunflower Simple/Personal) 1.0.1.43315 is vulnerable to a path traversal that enables remote code execution. A remote, unauthenticated attacker can exploit HTTP requests (e.g., /check?cmd=ping../) to run arbitrary programs on the victim host. The Nuclei template con...

9.8CVSS9.5AI score0.56787EPSS
Exploits1References3Affected Software1
The Hacker News
The Hacker News
added 2023/02/07 12:58 p.m.3 views

Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control C2 framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center ASEC, which discovered that security vulnerabilities in Sunlogin, a...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/07 12:58 p.m.49 views

Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control C2 framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center ASEC, which found that security vulnerabilities in Sunlogin, a remote...

0.6AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2023/02/06 12:0 a.m.8 views

VulnCheck KEV: CVE-2022-48323

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

9.8CVSS7.5AI score0.56787EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/14 12:0 a.m.64 views

Command Execution Vulnerability in Sunflower Personal Edition for Windows at Shanghai Berry Information Technology Co.

Sunflower is a free, all-in-one remote control management tool software that integrates remote control of computer and cell phone, remote desktop connection, remote boot, remote management, and intranet penetration support. Ltd. Sunflower Personal Edition for Windows has a command execution...

7.8AI score
Exploits0
Rows per page
Query Builder