CVE-2024-1708

🗓️ 21 Feb 2024 15:29:10Reported by cisa-cgType

cve🔗 web.nvd.nist.gov📰️ 15 Media mentions👁 196 Views🌐 WEB

ConnectWise ScreenConnect 23.9.7 path-traversal vulnerabilit

Reporter	Title	Published	Views	Family All 38
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect	21 Feb 202409:42	–	githubexploit
GithubExploit	Exploit for Path Traversal in Connectwise Screenconnect	21 Feb 202405:40	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect	16 Sep 202518:59	–	githubexploit
ATTACKERKB	CVE-2024-1708	21 Feb 202416:15	–	attackerkb
Information Security Automation	February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW	5 Mar 202418:43	–	avleonov
BDU FSTEC	The vulnerability of the ConnectWise ScreenConnect remote access software lies in the incorrect restriction on the path name to the restricted directory. This allows a perpetrator to execute arbitrary code.	22 Feb 202400:00	–	bdu_fstec
Circl	CVE-2024-1708	21 Feb 202417:22	–	circl
CISA KEV Catalog	ConnectWise ScreenConnect Path Traversal Vulnerability	28 Apr 202600:00	–	cisa_kev
CISA	CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities	2 May 202412:00	–	cisa
CISA	CISA Adds Two Known Exploited Vulnerabilities to Catalog	28 Apr 202612:00	–	cisa

NVD

Node

connectwise screenconnectRange<23.9.8

[
  {
    "defaultStatus": "unaffected",
    "product": "ScreenConnect",
    "vendor": "ConnectWise",
    "versions": [
      {
        "changes": [
          {
            "at": "23.9.8",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "23.9.7 ",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
connectwise	www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
huntress	www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
microsoft	www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

Parameter	Position	Path	Description	CWE
__EVENTTARGET	request body	SetupWizard.aspx/	Step 2/3 of setup wizard uses vulnerability to progress and enables account creation.	CWE-22
__EVENTARGUMENT	request body	SetupWizard.aspx/	Step 2/3 of setup wizard uses vulnerability to progress and enables account creation.	CWE-22
__VIEWSTATE	request body	SetupWizard.aspx/	Step 2/3 of setup wizard uses vulnerability to progress and enables account creation.	CWE-22
__VIEWSTATEGENERATOR	request body	SetupWizard.aspx/	Step 2/3 of setup wizard uses vulnerability to progress and enables account creation.	CWE-22
ctl00$Main$wizard$StartNavigationTemplateContainerID$StartNextButton	request body	SetupWizard.aspx/	Step 2/3 of setup wizard uses vulnerability to progress and enables account creation.	CWE-22
__EVENTTARGET	request body	SetupWizard.aspx/	Step 3: Create a new administrator account during setup wizard.	CWE-22
__EVENTARGUMENT	request body	SetupWizard.aspx/	Step 3: Create a new administrator account during setup wizard.	CWE-22
__VIEWSTATE	request body	SetupWizard.aspx/	Step 3: Create a new administrator account during setup wizard.	CWE-22
__VIEWSTATEGENERATOR	request body	SetupWizard.aspx/	Step 3: Create a new administrator account during setup wizard.	CWE-22
ctl00$Main$wizard$userNameBox	request body	SetupWizard.aspx/	Step 3: Create a new administrator account during setup wizard.	CWE-22