Add PoC exploit for CVE-2024-21893

Question

Add PoC exploit for CVE-2024-21893

Opened this issue 7 months ago · 0 comments

Add a PoC exploit for CVE-2024-21893, pre-authentication Server-Side Request Forgery (SSRF) in Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA.

Reference PoCs

https://github.com/h4x0r-dz/CVE-2024-21893.py/blob/main/CVE-2024-21893.py (simplest)
https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887/blob/main/exploit.py (uses the SSRF to get command execution to execute a python reverse shell payload)

Vuln App

N/A

How to Submit a PoC

See the CONTRIBUTING file for instructions on how to submit a PoC exploit.