CVE-2022-48323
- Reference to the description:
- Description:
- Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the pathname of the powershell.exe program.
- Last updated date:
- 02/24/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/24/2023