Skip to content

Commit

Permalink
automatic module_metadata_base.json update
Browse files Browse the repository at this point in the history
  • Loading branch information
jenkins-metasploit committed Dec 4, 2024
1 parent 21cf475 commit 7265f09
Showing 1 changed file with 64 additions and 0 deletions.
64 changes: 64 additions & 0 deletions db/modules_metadata_base.json
Original file line number Diff line number Diff line change
Expand Up @@ -75946,6 +75946,70 @@
"session_types": false,
"needs_cleanup": null
},
"exploit_linux/http/ivanti_connect_secure_rce_cve_2024_37404": {
"name": "Ivanti Connect Secure Authenticated Remote Code Execution via OpenSSL CRLF Injection",
"fullname": "exploit/linux/http/ivanti_connect_secure_rce_cve_2024_37404",
"aliases": [

],
"rank": 600,
"disclosure_date": "2024-10-08",
"type": "exploit",
"author": [
"Richard Warren",
"Christophe De La Fuente"
],
"description": "This module exploits a CRLF injection vulnerability in Ivanti Connect\n Secure to achieve remote code execution (CVE-2024-37404). Versions\n prior to 22.7R2.1 are vulnerable. Note that Ivanti Policy Secure\n versions prior to 22.7R1.1 are also vulnerable but this module\n doesn't support this software.\n\n Valid administrative credentials are required. A non-administrative\n user is also required and can be created using the administrative\n account, if needed.",
"references": [
"CVE-2024-37404",
"URL-https://attackerkb.com/topics/FI5vcuGwyM/cve-2024-37404",
"URL-https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-and-Policy-Secure-CVE-2024-37404",
"URL-https://blog.amberwolf.com/blog/2024/october/cve-2024-37404-ivanti-connect-secure-authenticated-rce-via-openssl-crlf-injection/"
],
"platform": "Linux",
"arch": "x86",
"rport": 443,
"autofilter_ports": [
80,
8080,
443,
8000,
8888,
8880,
8008,
3000,
8443
],
"autofilter_services": [
"http",
"https"
],
"targets": [
"Automatic"
],
"mod_time": "2024-12-03 18:33:43 +0000",
"path": "/modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2024_37404.rb",
"is_install_path": true,
"ref_name": "linux/http/ivanti_connect_secure_rce_cve_2024_37404",
"check": true,
"post_auth": true,
"default_credential": false,
"notes": {
"Stability": [
"crash-safe"
],
"Reliability": [
"repeatable-session"
],
"SideEffects": [
"artifacts-on-disk",
"ioc-in-logs",
"account-logout"
]
},
"session_types": false,
"needs_cleanup": null
},
"exploit_linux/http/ivanti_csa_unauth_rce_cve_2021_44529": {
"name": "Ivanti Cloud Services Appliance (CSA) Command Injection",
"fullname": "exploit/linux/http/ivanti_csa_unauth_rce_cve_2021_44529",
Expand Down

0 comments on commit 7265f09

Please sign in to comment.