CVE-2022-29303 PoC — Contec SolarView Compact 操作系统命令注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-29303.yaml

Associated Vulnerability

Title:Contec SolarView Compact 操作系统命令注入漏洞 (CVE-2022-29303)
Description:Contec SolarView Compact是日本Contec公司的一个应用系统。提供光伏发电测量系统。 Contec SolarView Compact 6.00 版本存在操作系统命令注入漏洞，该漏洞源于SolarView Compact中的conf_mail.php模块存在命令注入点，攻击者可利用该漏洞注入恶意命令。

Description

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via conf_mail.php.

File Snapshot


 id: CVE-2022-29303

info:
  name: SolarView Compact 6.00 - OS Command Injection
  author: badboycxcc

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!