This Metasploit module exploits CVE-2023-22952, a remote code execution vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve versions prior to 12.0.2.
8dee3580d4739894afee71ec96b13c0291c147c08c38e33083c401b41c7fc8a1
SugarCRM versions up to 12.2.0 suffer from a remote shell upload vulnerability.
74cace1b6e9afc52d16c5afdcecc42e3abd20dc7f1ccb5629f3f64b72179e905