CVE-2024-41713 PoC — Mitel MiCollab 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-41713.yaml

Associated Vulnerability

Title:Mitel MiCollab 安全漏洞 (CVE-2024-41713)
Description:Mitel MiCollab是加拿大敏迪（Mitel）公司的一款为员工提供语音、视频、消息、音频会议和团队协作的移动应用程序。 Mitel MiCollab 9.8 SP1 FP2(9.8.1.201)版本及之前版本存在安全漏洞，该漏洞源于对输入验证不足。攻击者利用该漏洞可以查看、破坏或删除用户的数据和系统配置。

Description

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations.

File Snapshot


 id: CVE-2024-41713

info:
  name: Mitel MiCollab - Authentication Bypass
  author: DhiyaneshDK,watch

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!