Showing 1 - 1 of 1

CVE-2023-28324

Status Candidate

Overview

A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.

Related Files

Ivanti EPM Agent Portal Command Execution: Posted Nov 21, 2024; Authored by Spencer McIntyre, James Horseman, Zach Hanley | Site metasploit.com; This Metasploit module leverages an unauthenticated remote command execution vulnerability in Ivanti's EPM Agent Portal where an RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2.; tags | exploit, remote; advisories | CVE-2023-28324; SHA-256 | e0620d2d0515fa0c50ecc9895fe036f29df5b1ae1f77223209ef2489ec4d79b2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2023-28324

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems