Vulnerability & Exploit Database

Back to search

SAP ConfigServlet OS Command Execution

This module allows execution of operating system commands through the SAP ConfigServlet without any authentication.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/admin/sap/sap_configservlet_exec_noauth

Authors

  • Dmitry Chastuhin
  • Andras Kabai

References

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/admin/sap/sap_configservlet_exec_noauth msf auxiliary(sap_configservlet_exec_noauth) > show actions ...actions... msf auxiliary(sap_configservlet_exec_noauth) > set ACTION <action-name> msf auxiliary(sap_configservlet_exec_noauth) > show options ...show and set options... msf auxiliary(sap_configservlet_exec_noauth) > run