关联漏洞
标题:
Ivanti ICS 授权问题漏洞
(CVE-2023-46805)
描述:Ivanti ICS是美国Ivanti公司的一代远程安全访问产品。 Ivanti ICS 9.x版本、22.x版本、Ivanti Policy Secure存在授权问题漏洞,该漏洞源于 Web 组件中存在身份验证绕过漏洞。攻击者利用该漏洞可以绕过控制检查来访问受限资源。
描述
Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices
介绍
19/01/2024 ***** Update *******
Updated with the latest info based on Assetnote's blog.
Now three checks are executed before a status is shown, this also to better detect older versions of Avanti
Blogs with analysis of the CVE:
https://attackerkb.com/topics/AdUh6by52K/cve-2023-46805/rapid7-analysis
https://www.assetnote.io/resources/research/high-signal-detection-and-exploitation-of-ivantis-pulse-connect-secure-auth-bypass-rce
# CVE-2023-46805
Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices
1. Scan a service like Shodan or Censys for the relevant devices and create a list of ip_adresses.
2. Save them to "ip_list.txt" and in the same folder as this script
3. run the script and it will show output to screen and save to a csv file once finished
文件快照
[4.0K] /data/pocs/3303bd3fadcb1391cb71727095a4694b33e3b278
├── [ 803] README.md
└── [2.1K] scan_Ivanti.py
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。