.. / CVE-2024-2389

Exploit for Progress Kemp Flowmon < 11.1.14, 12.3.5 - Unauthenticated Remote Code Execution (CVE-2024-2389)

Description:

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability allows unauthenticated users to execute arbitrary system commands via the Flowmon management interface.

Affected Products:

Proof of Concept

PoC exploit

Nuclei Template

View the template here CVE-2024-2389.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-2389.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-2389
https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability
https://twitter.com/wvuuuuuuuuuuuuu/status/1777977522140950640