module
Ivanti Connect Secure Authenticated Remote Code Execution via OpenSSL CRLF Injection
| Disclosed | Created |
|---|---|
| 2024-10-08 | 2024-12-04 |
Disclosed
2024-10-08
Created
2024-12-04
Description
This module exploits a CRLF injection vulnerability in Ivanti Connect
Secure to achieve remote code execution (CVE-2024-37404). Versions
prior to 22.7R2.1 are vulnerable. Note that Ivanti Policy Secure
versions prior to 22.7R1.1 are also vulnerable but this module
doesn't support this software.
Valid administrative credentials are required. A non-administrative
user is also required and can be created using the administrative
account, if needed.
Secure to achieve remote code execution (CVE-2024-37404). Versions
prior to 22.7R2.1 are vulnerable. Note that Ivanti Policy Secure
versions prior to 22.7R1.1 are also vulnerable but this module
doesn't support this software.
Valid administrative credentials are required. A non-administrative
user is also required and can be created using the administrative
account, if needed.
Authors
Richard Warren
Christophe De La Fuente
Christophe De La Fuente
Platform
Linux
Architectures
x86
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.