.. / CVE-2023-32563

Exploit for Ivanti Avalanche - Remote Code Execution (CVE-2023-32563)

Description:

An unauthenticated attacker could achieve the code execution through a RemoteControl server.

Nuclei Template

View the template here CVE-2023-32563.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-32563.yaml
Copy

References:

https://twitter.com/wvuuuuuuuuuuuuu/status/1694956245742923939
https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US
https://github.com/mayur-esh/vuln-liners
https://nvd.nist.gov/vuln/detail/CVE-2023-32563