CVEs-PoC/2017/CVE-2017-8915.md

CVE-2017-8915

Description

sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar sign) or % (percent) character, aka SAP Security Note 2407694.

POC

Reference

• https://erpscan.io/advisories/erpscan-17-008-sap-hana-xs-sinopia-dos/
• https://erpscan.io/advisories/erpscan-17-008-sap-hana-xs-sinopia-dos/

Github

• https://github.com/vah13/SAP_vulnerabilities