exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files from Yvan Genuer

First Active2021-03-26
Last Active2022-05-04
SAP Web Dispatcher HTTP Request Smuggling
Posted May 4, 2022
Authored by Yvan Genuer, Martin Doyhenard | Site onapsis.com

SAP Web Dispatcher suffers from an HTTP request smuggling vulnerability.

tags | exploit, web
advisories | CVE-2021-38162
SHA-256 | 13d3e2b23a840dab61234f2b6d3787259a7efde984a35e90339e0cdc4c879d9a
SAP Enterprise Portal XSLT Injection
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with ENGINEAPI versions 7.10, 7.30, 7.31, 7.40, and 7.50 suffers from an XSLT injection vulnerability.

tags | advisory
advisories | CVE-2021-37531
SHA-256 | da6ac9ab738f2080b02cc97608aef6a101c7d751b2f8886505ca291243379d5f
SAP CommonCryptoLib Null Pointer Dereference
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP CommonCryptoLib suffers from a null pointer dereference vulnerability. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error causing the system to crash and remain unavailable.

tags | advisory
advisories | CVE-2021-38177
SHA-256 | 4e1a256c3f431f4168136d27f62d96f748180dc8bdcac0d78e7fd1c23eb39487
SAP Enterprise Portal Open Redirect
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from an open redirection vulnerability.

tags | advisory
advisories | CVE-2021-33707
SHA-256 | 31e789c3fc612f938cd56d5fab9f4d359a5679a1c9bc3ae446b98afd67ad0c83
SAP Enterprise Portal iviewCatcherEditor Server-Side Request Forgery
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a iviewCatcherEditor server-side request forgery vulnerability.

tags | advisory
advisories | CVE-2021-33705
SHA-256 | 05b826d203ad0d9639e1eddd559c1655d47d3c184d59c75033d4f4a70566519d
SAP Enterprise Portal RunContentCreation Cross Site Scripting
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from a RunContentCreation cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2021-33703
SHA-256 | df15ae63bb5d2b8fdb14db62a9d66eaecfae3239f8b258e8b84c90806fe26742
SAP Enterprise Portal NavigationReporter Cross Site Scripting
Posted Jan 27, 2022
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a NavigationReporter cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2021-33702
SHA-256 | ee2d0a75bef9c35261f7c80c337b71a54f659bac383ea7ae746759f207a06a8c
SAP Enterprise Portal Sensitive Data Disclosure
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal suffers from an sensitive information disclosure vulnerability in the com.sapportals.navigation.testComponent.NavigationRequestSniffer servlet.

tags | advisory, info disclosure
advisories | CVE-2021-33687
SHA-256 | 4a8db7aa8f258b1769fbf97ddef33a9c7b31c57775fc5b0aaae9d89f1808d5c0
SAP NetWeaver ABAP IGS Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

The SAP NetWeaver ABAP IGS service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27620, CVE-2021-27622, CVE-2021-27624, CVE-2021-27625, CVE-2021-27626, CVE-2021-27627
SHA-256 | 2d1f0734303783a8b47a886f91b23670d4395d5d4ed4501f6e4af6001b97b2b7
SAP NetWeaver ABAP Gateway Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

The SAP NetWeaver ABAP Gateway service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27597, CVE-2021-27633, CVE-2021-27634
SHA-256 | da1fec63d0f864232e684c79171e0e2cc4a5296c2ce6bd0702518810eabac2ea
SAP NetWeaver ABAP Enqueue Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP NetWeaver ABAP Enqueue service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27606, CVE-2021-27629, CVE-2021-27630, CVE-2021-27631, CVE-2021-27632
SHA-256 | 311841e1ce77e5cac126339df98efcba8eda52f242b8a567340833179c8bd6c5
SAP NetWeaver ABAP Dispatcher Service Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP NetWeaver ABAP Dispatcher service suffers from memory corruption vulnerabilities. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system causing the system to crash and rendering it unavailable.

tags | advisory, vulnerability
advisories | CVE-2021-27607, CVE-2021-27628
SHA-256 | 17cc60af5d9b943931eeb5cd66b2a4f367a1a9b045b6aa0fe83114111e1f2e37
SAP Solution Manager 7.20 Missing Authorization
Posted Jun 15, 2021
Authored by Nahuel D. Sanchez, Pablo Artuso, Yvan Genuer | Site onapsis.com

Due to a missing authorization check in the SAP Solution Manager version 7.20 LM-SERVICE component, a remote authenticated attacker could be able to execute privileged actions in the affected system, including the execution of operating system commands.

tags | advisory, remote
advisories | CVE-2020-6207
SHA-256 | ad2a546198819c5e3808faa124d00d50475caa98031463ff99dd70806f19a4fd
SAP Wily Introscope Enterprise Default Hard-Coded Credentials
Posted Jun 15, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Wily Introscope Enterprise versions 9.7, 10.1, 10.5, and 10.7 suffer from having default hard-coded credentials.

tags | advisory
advisories | CVE-2020-6369
SHA-256 | 472008089fe805ca278b030c1c5074c99b2877ee00a4db2ac51d3e76c1b7e7e4
SAP Wily Introscope Enterprise OS Command Injection
Posted Jun 15, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Wily Introscope Enterprise versions 9.7, 10.1, 10.5, and 10.7 suffer from a command injection vulnerability.

tags | advisory
advisories | CVE-2020-6364
SHA-256 | 98a2961b16ad9e9f794ffa70067807ac00d45185e9401b26dfb8f0385594eaf6
SAP Solution Manager 7.2 (ST 720) Open Redirection
Posted Jun 15, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Solution Manager version 7.2 (ST 720) suffers from an open redirection vulnerability.

tags | exploit
advisories | CVE-2020-26836
SHA-256 | be314dee601c6b7d96a925a535be63d81b445ebec3bcdd2a0214aea82ebc5152
SAP Solution Manager 7.2 Remote Command Execution
Posted Mar 26, 2021
Authored by Dmitry Chastuhin, Pablo Artuso, Vladimir Ivanov, Yvan Genuer | Site metasploit.com

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information about connected SMDAgents allowing an attacker to send HTTP requests (SSRF) and execute OS commands on the connected SMDAgent. Works stable in connected SMDAgent with Java version 1.8. Successful exploitation will allow unauthenticated remote attackers to get a reverse shell from connected to the SolMan agent as the user under which it runs SMDAgent service, which is usually daaadm.

tags | exploit, java, remote, web, shell
advisories | CVE-2020-6207
SHA-256 | 0d5122d6fb0ba7f681b7229fc5c197780b51710c6395404115ad8686072b2b08
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close