mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 09:41:05 +00:00
1.3 KiB
1.3 KiB
CVE-2024-1708
&color=brighgreen)
Description
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
POC
Reference
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
Github
- https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE
- https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/netlas-io/netlas-dorks
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/tr1pl3ight/POCv2.0-for-CVE-2024-1709
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc