Exploit for #VU29709 Input validation error in SAP NetWeaver

Published: 2020-07-15 | Updated: 2023-04-07

Vulnerability identifier: #VU29709

Vulnerability risk: High

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-6287

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 7

April 7, 2023
- SAP_CVE-2020-6287_find_mandate (Checker help to verify created account or find it's mandat) [Github]
September 1, 2020
- CVE-2020-6287 ([CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizard) Authentication Bypass (Create Simple & Administrator Java User)) [Github]
July 24, 2020
- CVE-2020-6287-Sap-Add-User (sap netweaver portal add user administrator) [Github]
- SAP Unauthenticated WebService User Creation [Metasploit]
July 22, 2020
- CVE-2020-6287_RECON-scanner () [Github]
July 20, 2020
- CVE-2020-6287-exploit (PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https://github.com/rapid7/metasploit-framework/pull/13852/commits/ [Github]
July 15, 2020
- SAP_RECON (PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)) [Github]

Impact: Code execution

Vulnerable software:
SAP NetWeaver
Server applications / Application servers

Vendor: SAP