On this repository, we will briefly write information about the CVE-2022-41272 vulnerability.
The vulnerability exists on the SAP P4 service that runs on the 5NN04 port. Where NN is an instance number, that can be from 00-99.
There are remote call functions that an attacker can call without any authentication.
In the following image, you can see the patch released by SAP.
The PoC is ready and deployed to the RedRays Security Platform.
PS. You can star and start watching the repository, and when we open the PoC, you will receive the notification.