Exploit for #VU27494 Improper Authentication in Salt

Vulnerability identifier: #VU27494

Vulnerability risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2020-11651

CWE-ID: CWE-287

Exploitation vector: Network

Exploits in database: 20

• December 19, 2023
  • CVE-2020-11651-PoC (Repository that contains a CVE-2020-11651 Exploit updated to work with the latest versions of python.) [Github]
• January 30, 2022
  • cve-2020-11651 () [Github]
• December 28, 2020
  • CVE-2020-11652 (CVE-2020-11652 & CVE-2020-11651) [Github]
• December 2, 2020
  • salt-rce-scanner-CVE-2020-11651-CVE-2020-11652 (Scanning tool to test for SaltStack vulnerabilities CVE-2020-11651 & CVE-2020-11652.) [Github]
• June 3, 2020
  • CVE-2020-11651 (PoC for CVE-2020-11651) [Github]
  • CVE-2020-11652 (saltstack CVE-2020-11652 ) [Github]
  • salt-security-backports (Salt security backports for CVE-2020-11651 & CVE-2020-11652) [Github]
  • cve-2020-11651-exp-plus () [Github]
  • CVE-2020-11651-CVE-2020-11652-EXP (CVE-2020-11651&&CVE-2020-11652 EXP) [Github]
  • CVE-2020-11651 (CVE-2020-11651: Proof of Concept) [Github]
  • CVE-2020-11651 (PoC for CVE-2020-11651) [Github]
  • SaltStack-Exp (CVE-2020-11651&&CVE-2020-11652 EXP) [Github]
  • SaltStack-Exp (CVE-2020-11651&&CVE-2020-11652 EXP) [Github]
  • cve-2020-11651 () [Github]
  • salt-vulnerabilities (Checks for CVE-2020-11651 and CVE-2020-11652) [Github]
• May 12, 2020
  • SaltStack Salt Master Server Root Key Disclosure [Metasploit]
  • SaltStack Salt Master/Minion Unauthenticated RCE [Metasploit]
• May 11, 2020
  • Saltstack 3000.1 - Remote Code Execution [Exploit-DB]
  • CVE-2020-11651 (SaltStack exploit compatible with IP lists with customizable payload) [Github]
• May 4, 2020
  • CVE-2020-11651-poc (PoC exploit of CVE-2020-11651 and CVE-2020-11652) [Github]

Vulnerable software:
Salt
Web applications / Remote management & hosting panels

Vendor: SaltStack