Blog | G5 Cyber Security

Fully-Functional Exploit Released Online for SAP Solution Manager Flaw

The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager (SolMan) version 7.2. Successful exploitation could allow a remote, unauthenticated attacker to execute highly privileged administrative tasks on the connected SAP SMD Agents. The vulnerability, which has the highest possible CVSS base score of 10.0, was addressed by SAP as part of its March 2020 updates. The public availability of PoC code leaves unpatched servers exposed to a number of potential malicious attacks.

Source: https://thehackernews.com/2021/01/beware-fully-functional-released-online.html
