PoC Week 2024-11-04

Posted on Nov 6, 2024

The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-46538

  • Severity: 9.3 CRITICAL
  • Impacted Products: pfSense v2.5.2
  • Description: A cross-site scripting (XSS) vulnerability in pfSense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
  • Remediation: Follow developer guidance.
  • More Info: NVD - CVE-2024-46538
  • PoC: https://github.com/EQSTLab/CVE-2024-46538/

CVE-2024-46483

  • Severity: 8.1 HIGH
  • Impacted Products: Xlight FTP Server <3.9.4.3
  • Description: Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.
  • Remediation: Follow developer guidance.
  • More Info: NVD - CVE-2024-46483
  • PoC: https://github.com/kn32/cve-2024-46483/

CVE-2024-37383

CVE-2024-21887

  • Severity: 9.1 CRITICAL
  • Impacted Products: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)
  • Description: Command injection vulnerability allowing an authenticated administrator to execute arbitrary commands.
  • Remediation: Apply mitigations per vendor instructions, or discontinue use if mitigations are unavailable.
  • More Info: NVD - CVE-2024-21887
  • PoC: https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887

References

This list was scraped from the quite amazing and highly recommended newsletters below:

Thanks for reading! For corrections or omissions (e.g. newsletter recs), feel free to get in touch.