CVE-2020-10148 PoC — SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API command

Source

https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion

Associated Vulnerability

Title:SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands (CVE-2020-10148)
Description:The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.

Readme

# CVE-2020-10148 Solarwinds Orion
## Download CVE-2020-10148.py
```
wget https://gist.githubusercontent.com/0xsha/75616ef6f24067c4fb5b320c5dfa4965/raw/0d7db4f2ea5aacc0ada7b1a7b23f2ce8ba39315f/CVE-2020-10148.py
```

## Looking Solarwinds Orion from Shodan
```
https://www.shodan.io/search?query=http.title%3Asolarwinds+http.favicon.hash%3A-1776962843
```

## Running CVE-2020-10148.py
```
python CVE-2020-10148.py CVE-2020-10148.py http(s)://target
```

Reffrence :
* _https://gist.github.com/0xsha/75616ef6f24067c4fb5b320c5dfa4965_

File Snapshot


 [4.0K]  /data/pocs/376d7ff320fb3b40b608a3c8a5c9ae4b786ddd37
├── [4.5K]  CVE-2020-10148.py
└── [ 532]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!