CVE-2022-29303 PoC — Contec SolarView Compact 操作系统命令注入漏洞

Source

https://github.com/1f3lse/CVE-2022-29303

Associated Vulnerability

Title:Contec SolarView Compact 操作系统命令注入漏洞 (CVE-2022-29303)
Description:Contec SolarView Compact是日本Contec公司的一个应用系统。提供光伏发电测量系统。 Contec SolarView Compact 6.00 版本存在操作系统命令注入漏洞，该漏洞源于SolarView Compact中的conf_mail.php模块存在命令注入点，攻击者可利用该漏洞注入恶意命令。

Description

Python script to exploit CVE-2022-29303

Readme

# CVE-2022-29303-Exploit
Exploit  for CVE-2022-29303


## Usage
Check against single host
```
   _____   _____   ___ __ ___ ___   ___ ___ ____ __ ____
  / __\ \ / / __|_|_  )  \_  )_  )_|_  ) _ \__ //  \__ /
 | (__ \ V /| _|___/ / () / / / /___/ /\_, /|_ \ () |_ \
  \___| \_/ |___| /___\__/___/___| /___|/_/|___/\__/___/

	       Coded By Valentin Lobstein
    "With great power comes great responsibility"

usage: CVE-2022-29303.py [-h] [-u URL] [-c COMMAND]

Example : python3 CVE-2022-29303.py -u https://127.0.0.1 -c 'ls'

options:
  -h, --help  show this help message and exit
  -u URL      Specify target URL
  -c COMMAND  Specify Command

Zoomeye Dork : "Copyright(C) 2007-2014 CONTEC.CO.,LTD. All rights reserved"

```

File Snapshot


 [4.0K]  /data/pocs/46d84e5ebb07736ebda7c6633f4b82c6625e0a6b
├── [2.4K]  CVE-2022-29303.py
└── [ 731]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!