Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection CVE-2024-21887

Name: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection (CVE-2024-21887)
Published: 2024-01-17T00:00:00.000Z

Severity

Vulnerability description: Not available
Risk description: Not available
Recommendation: Not available
References: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html https://github.com/farukokutan/Threat-Intelligence-Research-Reports https://github.com/lions2012/Penetration_Testing_POC https://github.com/Chocapikk/CVE-2024-21887
Codename: Not available

Detectable with: Network Scanner
Scan engine: Nuclei
Exploitable with Sniper: No
CVE Published: Jan 12, 2024
Detection added at: Jan 17, 2024
Software Type: Not available
Vendor: Not available
Product: Not available

Detect this vulnerability now!

Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.

Compare paid plans Free access