POC详情: 7599c16d1234bf2eb1b1437d4622bb2782c7cc8d

来源
https://github.com/rxerium/CVE-2024-7593
关联漏洞
标题: Ivanti Virtual Traffic Manager 安全漏洞 (CVE-2024-7593)
描述:Ivanti Virtual Traffic Manager是美国Ivanti公司的一款基于软件的应用程序交付控制器。 Ivanti vTM 22.2R1版本、22.7R2版本存在安全漏洞,该漏洞源于身份验证算法存在错误。攻击者利用该漏洞可以绕过管理面板的身份验证。
描述
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
介绍
# CVE-2024-7593 Detection

## How does this detection method work?

This template matches on the following versions, if there is a match then the host is considered vulnerable:

```
- "22.2"
- "22.3"
- "22.3R2"
- "22.5R1"
- "22.6R1"
- "22.7R1"
```

To prevent producing any FPs it also matches on the below:

```
- type: word
part: body
words:
    - "Login (Virtual Traffic Manager"
```

## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

## References

- https://arcticwolf.com/resources/blog/cve-2024-7593-cve-2024-7569/
- https://nvd.nist.gov/vuln/detail/CVE-2024-7593
- https://www.tenable.com/blog/cve-2024-7593-ivanti-virtual-traffic-manager-authentication-bypass-vulnerability


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.
文件快照

 [4.0K]  /data/pocs/7599c16d1234bf2eb1b1437d4622bb2782c7cc8d
├── [1022]  README.md
└── [1001]  template.yaml

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。