ConnectWise ScreenConnect CVE-2024-1709 Vulnerability Scanner
Find out if your ConnectWise ScreenConnect target is vulnerable to CVE-2024-1708 and CVE-2024-1709 – aka the SlashAndGrab vulnerabilities, which unauthenticated attackers can exploit to bypass security controls and get unrestricted access to the affected system.
Please beware, this free tool only scans ports 80, 443 and 8040, which Shodan confirms are by far the most frequently used ports that ScreenConnect is installed on.
Overview of the ConnectWise ScreenConnect vulnerabilities
ConnectWise, a US-based software company, has issued updates to address two critical flaws in its SmartConnect remote management software, one of which is actively being exploited in the wild.
CVE-2024-1708 (CVSSv3 8.4)
This vulnerability consists of insufficient restriction on access to a directory path ("path traversal"), classified under CWE-22.
This path traversal flaw that originates in inadequate validation of directory traversal patterns, can let a remote attacker with elevated privileges dispatch an especially crafted HTTP request to access files arbitrarily on the target system.
CVE-2024-1709 (CVSSv3 10)
This issue allows attackers to circumvent authentication mechanisms through an alternative pathway or method, as per CWE-288.
Specifically, an unauthenticated attacker can use CVE-2024-1709 to bypass security controls and gain unrestricted system access.
What’s more, ConnectWise has reported these indicators of compromise, meaning cyber adversaries are using these specific IP addresses:
155.133.5.15,
155.133.5.14,
118.69.65.60.
This issue is present in versions of ScreenConnect up to
23.9.7.
Huntress, a cybersecurity company, confirmed these vulnerabilities are easily exploitable through a detailed article and video (created by John Hammond) and has devised a temporary solution for affected systems.
About our Network Vulnerability Scanner
Our Network Vulnerability Scanner is a well-rounded tool for all your network security assessments.
It combines multiple engines and fine-tuned (customizable) scan settings which surface over 10.000 critical vulnerabilities, misconfigurations, and outdated services.
Each scan automatically updates your attack surface and provides an up-to-date map for planning targeted attacks or strategic lateral movements.
Explore a sample report which includes a vulnerability summary, automatically confirmed findings, evidence, and more.