CVE-2021-22893 PoC — Pulse Secure Pulse Connect Secure 资源管理错误漏洞

Source

https://github.com/orangmuda/CVE-2021-22893

Associated Vulnerability

Title:Pulse Secure Pulse Connect Secure 资源管理错误漏洞 (CVE-2021-22893)
Description:Pulse Secure Pulse Connect Secure（又名PCS，前称Juniper Junos Pulse）是美国Pulse Secure公司的一套SSL VPN解决方案。 Pulse Secure Pulse Connect Secure 存在资源管理错误漏洞，攻击者可利用该漏洞可以绕过身份验证过程，获得对应用程序的未授权访问。以下产品及版本受到影响：Pulse Connect Secure: 9.0R3, 9.0R3.1, 9.0R3.2, 9.0R3.4, 9.0R3.5, 9.0R

Description

Proof On Concept — Pulse Secure CVE-2021-22893

Readme

# CVE-2021-22893
Proof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893. 

## Usage
Achieves RCE on Pulse Secure VPNs

```
chmod +x exploit.sh

./exploit.sh 10.0.0.1
./exploit.sh -l <ListoFIPs>
./exploit.sh -l IPList.txt 
```

File Snapshot


 [4.0K]  /data/pocs/4ff809eea2bf01e79096fd22cbbd4a178850917c
├── [9.0K]  exploit.sh
└── [ 242]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!