CVE-2023-35078 PoC — Ivanti Endpoint Manager Mobile 授权问题漏洞

Source

https://github.com/lazysec0x21/CVE-2023-35078

Associated Vulnerability

Title:Ivanti Endpoint Manager Mobile 授权问题漏洞 (CVE-2023-35078)
Description:Ivanti Endpoint Manager Mobile（Ivanti EPMM）是美国Ivanti公司的一个移动管理软件引擎。 Ivanti Endpoint Manager Mobile 11.10及之前版本存在授权问题漏洞，该漏洞源于存在身份验证绕过，允许远程攻击者获取PII、添加管理帐户并更改配置。

Description

Tools to scanner & exploit cve-2023-35078

Readme

# CVE-2023-35078-Poc-Exploit
This tool is built in golang language to exploit CVE-2023-35078 vulnerability

To use this tool is quite easy, run command this on your terminal
```
λ  ~ git clone https://github.com/LazyySec/CVE-2023-35078.git
λ  ~ cd CVE-2023-35078
λ  CVE-2023-35078 git:(main) go build cve-2023-35078.go
λ  CVE-2023-35078 ./cve-2023-35078 --help
Usage of ./cve-2023-35078:
  -f string
    	File containing URLs
  -u string
    	URL to exploit
```
Enjoy using and thank you! :)

File Snapshot


 [4.0K]  /data/pocs/fe83f07fdfcf94cd1c598c5fb837eb9fc8ffa0a2
├── [4.7K]  cve-2023-35078.go
├── [ 496]  README.md
└── [177K]  Screen Shot 2023-07-31 at 09.42.38.png

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!