Exploit for Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) - Unauthenticated XML External Entity (CVE-2024-22024)

Description:

Ivanti Connect Secure is vulnerable to XXE (XML External Entity) injection.

Affected Products:

Proof of Concept

PoC exploit

Nuclei Template

View the template here: CVE-2024-22024.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-22024.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-22024
https://labs.watchtowr.com/are-we-now-part-of-ivanti/
https://twitter.com/h4x0r_dz/status/1755849867149103106/photo/1