CVE-2024-29824 PoC — Ivanti EPM SQL注入漏洞

Source

https://github.com/R4be1/CVE-2024-29824

Associated Vulnerability

Title:Ivanti EPM SQL注入漏洞 (CVE-2024-29824)
Description:Ivanti EPM是美国Ivanti公司的一个一站式管理用户配置文件和所有客户端设备的软件。 Ivanti EPM 2022 SU5 及之前版本存在SQL注入漏洞，该漏洞源于核心服务器中存在 SQL注入漏洞，允许同一网络内的未经身份验证的攻击者执行任意代码。

Description

Ivanti EPM SQL Injection Remote Code Execution Vulnerability（Optimized version based on h3）

Readme

I have made some optimizations to the scripts in horizon3ai (actually, it is just adding a verification mechanism to ensure accuracy)
Original project address: https://github.com/horizon3ai/CVE-2024-29824

add "-f / --file" and ThreadPool...

File Snapshot


 [4.0K]  /data/pocs/1910eb138480d216022752d74bfe4664f19fe77b
├── [2.7K]  CVE-2024-29824.py
└── [ 242]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!