CVE-2024-8963 PoC — Ivanti Cloud Services Appliance 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-8963.yaml

Associated Vulnerability

Title:Ivanti Cloud Services Appliance 安全漏洞 (CVE-2024-8963)
Description:Ivanti Cloud Services Appliance（Ivanti CSA）是美国Ivanti公司的一种 Internet 应用程序。可通过 Internet 提供安全的通信和功能。 Ivanti Cloud Services Appliance 4.6 Patch 519之前版本存在安全漏洞，该漏洞源于存在路径遍历，允许远程未经身份验证的攻击者访问受限功能。

Description

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

File Snapshot


 id: CVE-2024-8963

info:
  name: Ivanti Cloud Services Appliance - Path Traversal
  author: johnk3r


...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!