CVE-2024-20399 PoC — Cisco NX-OS Software 安全漏洞

Source

Associated Vulnerability

Description

Private exploit for Cisco Nexus giving RCE

Readme

# CVE-2024-20399-Cisco-RCE
Private exploit for CVE-2024-20399 for Cisco Nexus switchis providing RCE in Python

> The repository provides a working variant of the CVE-2024-20399 vulnerability exploit with support for real-time active shell, multithreading, entering targets from a file, and color output.

## 🔥 **CVSS: 9.7/10**

## Description
An exploit for CVE-2024-20399, targeting a remote command execution vulnerability in Cisco Nexus switches. Attackers can obtain root privileges without leaving traces in the system logs.

## Exploit details
Attackers gained administrator credentials to access Cisco Nexus switches. This allowed them to deploy previously unknown malware for remote connection and malicious code execution.

## Zoomeye dork
app:"Cisco Nexus"

## Vulnerable versions: 
Cisco Nexus switches with software versions prior to the latest security patch.

## Running

To run exploit you need Python 3.9.
Execute:
```bash
python exploit.py -h 10.10.10.10 -c 'id'
```

## Download
[Download here](https://t.ly/3Vjy4) (securely!)

## Date of published: 03.07.2024
## Contact
blotus@exploit.in

File Snapshot

 [4.0K]  /data/pocs/f488ff73bb2a2a9b7f970e3c7387d0d0b9d94795
└── [1.1K]  README.md

0 directories, 1 file

Remarks