CVE-2020-6286

Published: 14/07/2020 | Updated: 15/07/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 447
CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Insufficient input path validation of a certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40 and 7.50, allows an unauthenticated attacker to invoke a method that downloads zip files to a specific directory, leading to Path Traversal.

Vulnerable Products

sap netweaver application server java 7.30

sap netweaver application server java 7.31

sap netweaver application server java 7.40

sap netweaver application server java 7.50

GitHub Repositories

PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)

PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability). Pffff! RECON (Remotely Exploitable Code On NetWeaver)? Guys, really? That was the best codename you came up with? :) This script allows checking the SAP LM Configuration Wizard missing authorization check vulnerability and, as a PoC script, exploits directory traversal in the queryProtocol method. Directory traversal allows to

PoC for CVE-2020-6287. The PoC in Python for adding a user only, no administrator permission set. Inspired by @zeroSteiner from Metasploit. Original Metasploit PR module: https://github.com/rapid7/metasploit-framework/pull/13852/commits/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only creates a user with unauthenticated permission and no more admi…

CVE-2020-6287-exploit: PoC for CVE-2020-6287. The PoC in Python for adding a user only, no administrator permission set. Inspired by @zeroSteiner from Metasploit. Original Metasploit PR module: https://github.com/rapid7/metasploit-framework/pull/13852/commits/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only creates a user with unauthenticated permission and no more administrator pe

[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizard) Authentication Bypass (Create Simple & Administrator Java User)

[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizard) Authentication Bypass (Create Simple & Administrator Java User). SAP NetWeaver is SAP's integrated technology platform and the technical foundation of all SAP applications since SAP Business Suite. SAP NetWeaver is a service-oriented application and integration platform that provides a development and

Starter kit for SAP pentesting

SAP accounts (sap.com). Two types of sap.com accounts: P-User: a public user, who can take part in the online community but does not have access to all resources. S-User: a service account used by SAP customers and partners; among other things, it allows downloading SAP software such as the NW RFC SDK. This type of

[CVE-2020-6286] SAP NetWeaver AS JAVA (LM Configuration Wizard) Directory Traversal

[CVE-2020-6286] SAP NetWeaver AS JAVA (LM Configuration Wizard) Directory Traversal. SAP NetWeaver is SAP's integrated technology platform and the technical foundation of all SAP applications since SAP Business Suite. SAP NetWeaver is a service-oriented application and integration platform that provides a development and running environment for SAP applications, and can a

SAP penetration testing Web and network cheatsheet

SAP-Pentest-Cheatsheet. Bismillah. For conducting the pentest you should deploy an SAP system on your network. SAP Web Interface Vulnerabilities: Open Redirection, check HOST/sap/public/bc/icf/logoff?redirecturl=MALICIOUSURL; Unsecured Protocol (HTTP), check HOST:PORT/startPage and HOST:PORT/sap/public/info; System Informational Misconfiguration, check HOST:POR

Recent Articles

We spent way too long on this Microsoft, Intel, Adobe, SAP, Red Hat Patch Tuesday article. Just click on it, pretend to read it, apply updates
The Register • Shaun Nichols in San Francisco • 11 Aug 2020

Please, thanks, good show, cheers, ta

Patch Tuesday used to be Microsoft's day to release patches. Now Adobe, Intel, and SAP are routinely joining the fun – with special guest star Red Hat this month. If you've felt overwhelmed by the sheer number of security patches Microsoft has emitted this year, you are not alone. Patch watchers at the Zero Day Initiative said that, including the 120 product security bulletins posted this August, Microsoft is just 11 patches away from surpassing its 2019 full-year total with four...