CVE-2024-21887 PoC — Ivanti Connect Secure 命令注入漏洞

Source

https://github.com/zwxxb/CVE-2024-21887

Associated Vulnerability

Title:Ivanti Connect Secure 命令注入漏洞 (CVE-2024-21887)
Description:Ivanti Connect Secure是美国Ivanti公司的安全远程网络连接工具。 Ivanti Connect Secure 9.x、22.x系列版本、 Ivanti Policy Secure 9.x、22.x系列版本存在命令注入漏洞，该漏洞源于Web 组件中存在命令注入，允许经过身份验证的管理员发送特制请求并在设备上执行任意命令。

Description

Remote Code Execution : Ivanti

Readme

# CVE-2023-21887 Exploit 

This script scans a list of URLs for the CVE-2023-46805 vulnerability and exploits it 

## Usage

1. **Install required dependencies:**

   ```bash
   pip install httpx

File Snapshot


 [4.0K]  /data/pocs/259a4adadd587c2a0dc827b28fa5bac6f8e04919
├── [2.3K]  3xp.py
└── [ 196]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!