cve/2024/CVE-2024-40711.md

CVE-2024-40711

Description

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).

POC

Reference

• https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/

Github

• https://github.com/20142995/nuclei-templates
• https://github.com/ARPSyndicate/cve-scores
• https://github.com/Ostorlab/KEV
• https://github.com/PuddinCat/GithubRepoSpider
• https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
• https://github.com/XiaomingX/cve-2024-40711-poc
• https://github.com/cyb3r-w0lf/nuclei-template-collection
• https://github.com/fkie-cad/nvd-json-data-feeds
• https://github.com/hsvhora/research_blogs
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/realstatus/CVE-2024-40711-Exp
• https://github.com/tanjiti/sec_profile
• https://github.com/tylzars/awesome-vrre-writeups
• https://github.com/watchtowrlabs/CVE-2024-40711