CVE-2023-46805 PoC — Ivanti ICS 授权问题漏洞

Source

https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887

Associated Vulnerability

Title:Ivanti ICS 授权问题漏洞 (CVE-2023-46805)
Description:Ivanti ICS是美国Ivanti公司的一代远程安全访问产品。 Ivanti ICS 9.x版本、22.x版本、Ivanti Policy Secure存在授权问题漏洞，该漏洞源于 Web 组件中存在身份验证绕过漏洞。攻击者利用该漏洞可以绕过控制检查来访问受限资源。

Description

The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.

Readme

# CVE-2023-46805_CVE-2024-21887
The script in this repository checks and exploits CVE-2023-46805 (Auth Bypass) and CVE-2024-21887 (Remote Code Execution) vulnerabilities specified in the Ivanti Connect Secure product exist. You can check vulnerability details this link (https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/).

USAGE:


Base Usage:
python3 CVE-2023-46805_CVE-2024-21887.py --url <URL_ADDRESS>

Proxy Usage:
python3 CVE-2023-46805_CVE-2024-21887.py --url <URL_ADDRESS> --proxy <PROXY_ADDRESS>

Exploit Usage:
python3 CVE-2023-46805_CVE-2024-21887.py --url <URL_ADDRESS> --cmd <OS_COMMAND>

![](poc.png)

File Snapshot


 [4.0K]  /data/pocs/780d6690f5ab86ffcb0f879c0a56b2f618d806f4
├── [3.0K]  CVE-2023-46805_CVE-2024-21887.py
├── [ 70K]  poc.png
└── [ 673]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!