Exploit for #VU95992 Incorrect Implementation of Authentication Algorithm in Virtual Traffic Manager

Exploit for #VU95992 Incorrect Implementation of Authentication Algorithm in Virtual Traffic Manager

Published: 2024-08-27 | Updated: 2024-09-27

Vulnerability identifier: #VU95992

Vulnerability risk: High

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2024-7593

CWE-ID: CWE-303

Exploitation vector: Network

Exploits in database: 2

September 27, 2024
- CVE-2024-7593_PoC_Exploit (CVE-2024-7593 Ivanti Virtual Traffic Manager 22.2R1 / 22.7R2 Admin Panel Authentication Bypass PoC [EXPLOIT]) [Github]
August 27, 2024
- Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593) [Metasploit]

Impact: Code execution

Vulnerable software:
Virtual Traffic Manager
Other software / Other software solutions

Vendor: Ivanti