Nokia BMC Log Scanner - Remote Code Execution 漏洞概述 Nokia BMC Log Scanner 是一个 Web 应用程序,允许用户通过 Web 界面扫描 BMC 日志。该应用程序存在命令注入漏洞,允许未经身份验证的攻击者执行远程代码。 影响范围 平台: Linux 版本: 13 发布日期: 2024-03-15 CVE: CVE-2022-45899 修复方案 厂商主页: https://www.nokia.com/ 软件链接: N/A 利用代码 ```python Exploit Title: Nokia BMC Log Scanner Remote Code Execution Google Dork: N/A Date: November 29, 2023 Exploit Author: Carlos Andres Gonzalez, Matthew Gregory Vendor Homepage: https://www.nokia.com/ Software Link: N/A Version: 13 Tested on: Linux CVE : CVE-2022-45899 Description The BMC Log Scanner web application, available on several hosts, is vulnerable to command injection attacks, allowing for unauthenticated remote code execution. This vulnerability is especially significant