PoC Week 2024-03-24

Posted on Mar 24, 2024

The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.


  • Severity: 9.8 CRITICAL
  • Impacted Products: Fortinet FortiOS, FortiProxy various versions
  • Description: Out-of-bounds write vulnerability enabling unauthorized code or command execution via crafted requests.
  • Remediation: Follow Fortinet’s vendor instructions for mitigation or product discontinuation if not available.
  • More Info: NVD - CVE-2024-21762
  • PoC: https://github.com/d0rb/CVE-2024-21762


  • Severity: 8.8 HIGH
  • Impacted Products: Linux Kernel versions from 4.13 up to 4.13.7
  • Description: Insufficient data validation in waitid allowed a user to escape sandboxes on Linux.
  • Remediation: Apply patches from Linux kernel or vendor advisories.
  • More Info: NVD - CVE-2017-5123
  • PoC: https://github.com/h1bAna/CVE-2017-5123




  • Severity: 8.6 HIGH
  • Impacted Products: Docker before 18.09.2 and other products using runc
  • Description: Attackers can overwrite the host runc binary to gain root access by exploiting file-descriptor mishandling related to /proc/self/exe.
  • Remediation: Update Docker and runc to versions that include a fix for this vulnerability.
  • More Info: NVD - CVE-2019-5736
  • PoC: https://github.com/q3k/cve-2019-5736-poc




  • Severity: 9.8 CRITICAL
  • Impacted Products: Fortra FileCatalyst Workflow 5.x, before version 5.1.6 Build 114
  • Description: The vulnerability, found in the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal, enables directory traversal. This allows for unauthorized file uploads outside the intended ‘uploadtemp’ directory, potentially leading to Remote Code Execution (RCE) on the server.
  • Remediation: Users should update to Fortra FileCatalyst Workflow version 5.1.6 Build 114 or later to mitigate this vulnerability.
  • More Info: NVD - CVE-2024-25153
  • PoC: https://github.com/nettitude/CVE-2024-25153



  • Severity: 9.8 CRITICAL
  • Impacted Products: Ultimate Member WordPress plugin versions 2.1.3 to 2.8.2
  • Description: SQL Injection vulnerability via ‘sorting’ parameter allows unauthenticated attackers to execute arbitrary SQL commands.
  • Remediation: Update to a version later than 2.8.2.
  • More Info: NVD - CVE-2024-1071
  • PoC: https://github.com/gbrsh/CVE-2024-1071


  • Severity: 9.3 CRITICAL
  • Impacted Products: FortiClientEMS
  • Description: Critical SQL Injection vulnerability allowing unauthenticated remote code execution.
  • Remediation: Fortinet has issued patches for affected versions.
  • More Info: Tenable®
  • PoC: https://github.com/horizon3ai/CVE-2023-48788


  • Severity: 9.8 CRITICAL
  • Impacted Products: FortiOS versions up to 7.2.4, FortiProxy versions up to 7.2.3
  • Description: Heap-based buffer overflow in SSL-VPN allows remote attackers to execute arbitrary code.
  • Remediation: Update to the fixed versions as provided by Fortinet.
  • More Info: NVD - CVE-2023-27997
  • PoC: https://github.com/lexfo/xortigate-cve-2023-27997



  • Severity: 7.8 HIGH
  • Impacted Products: Linux Kernel versions since v2.6.19-rc1 up to specific versions before the fix
  • Description: A heap out-of-bounds write in net/netfilter/x_tables.c, affecting Linux since v2.6.19-rc1, allows an attacker to gain privileges or cause a DoS through heap memory corruption.
  • Remediation: Apply patches available from Linux or vendor-specific advisories.
  • More Info: NVD - CVE-2021-22555
  • PoC: https://github.com/veritas501/CVE-2021-22555-PipeVersion


  • Severity: 7.8 HIGH
  • Impacted Products: Linux kernel versions 2.x through 4.x before 4.8.3
  • Description: A race condition in mm/gup.c allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, known as “Dirty COW.”
  • Remediation: Update to a version after 4.8.3, applying patches or following specific vendor advisories.
  • More Info: NVD - CVE-2016-5195
  • PoC: https://github.com/dirtycow/dirtycow.github.io/blob/master/pokemon.c


This list was scraped from the quite amazing and highly recommended newsletters below:

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.