Lucene search
+L

14 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:35 a.m.21 views

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.8CVSS6.8AI score0.75812EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.286 views

Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh/transport/session' require 'net/sftp' require 'openssl' class MetasploitModule 'Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read',...

9.8CVSS7.1AI score0.75812EPSS
Exploits3
Metasploit
Metasploit
added 2024/07/08 7:54 p.m.308 views

Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read

This module exploits CVE-2024-5806, an authentication bypass vulnerability in the MOVEit Transfer SFTP service. The following version are affected: MOVEit Transfer 2023.0.x Fixed in 2023.0.11 MOVEit Transfer 2023.1.x Fixed in 2023.1.6 MOVEit Transfer 2024.0.x Fixed in 2024.0.2 The module can...

9.8CVSS9AI score0.75812EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
added 2024/07/05 4:50 p.m.28 views

Metasploit Weekly Wrap-Up 07/05/2024

I still like to MOVEit MOVEit This week, our very own sfewer-r7 added a new exploit module that leverages an authentication bypass vulnerability in the MOVEit Transfer SFTP service CVE-2024-5806. It is possible to authenticate to the SFTP service as any user as long as a valid username is known a...

9.1CVSS9.5AI score0.75812EPSS
Exploits5
CISA
CISA
added 2024/06/28 12:0 p.m.13 views

Progress Software Releases Security Bulletin for MOVEit Transfer

Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following bulletin and apply the necessary updates: MOVE...

9.8CVSS7AI score0.75812EPSS
Exploits3References1
The Hacker News
The Hacker News
added 2024/06/26 2:57 p.m.76 views

Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP!

A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 CVSS score: 9.1, concerns an authentication bypass that...

9.8CVSS9.9AI score0.99999EPSS
Exploits42
Circl
Circl
added 2024/06/26 8:10 a.m.43 views

CVE-2024-5806

creationtimestamp| type| source ---|---|--- 2024-06-26 08:10:26+00:00| published-proof-of-concept| https://t.me/IntrusionExploit/142 2024-06-26 08:52:56+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/8861 2024-06-26 09:50:07+00:00| published-proof-of-concept|...

9.8CVSS7.5AI score0.75812EPSS
Exploits3References28
Rapid7 Blog
Rapid7 Blog
added 2024/06/25 6:16 p.m.40 views

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806, a critical authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration; and CVE-2024-5805, a critical SFTP-associated...

9.1CVSS9.8AI score0.75812EPSS
Exploits3
OSV
OSV
added 2024/06/25 3:15 p.m.4 views

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.8CVSS5.8AI score0.75812EPSS
Exploits3References2
NVD
NVD
added 2024/06/25 3:15 p.m.55 views

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.8CVSS0.75812EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/06/25 3:4 p.m.29 views

CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.1CVSS9.4AI score0.75812EPSS
Exploits3References2
CVE
CVE
added 2024/06/25 3:4 p.m.146 views

CVE-2024-5806

CVE-2024-5806 affects the MOVEit Transfer SFTP module. The issue is an Improper Authentication vulnerability that can lead to an Authentication Bypass . Affected versions include MOVEit Transfer 2023.0.x prior to 2023.0.11, 2023.1.x prior to 2023.1.6, and 2024.0.x prior to 2024.0.2. Root cause is...

9.8CVSS9.2AI score0.75812EPSS
In wildExploits3References2Affected Software1
Cvelist
Cvelist
added 2024/06/25 3:4 p.m.75 views

CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.1CVSS0.75812EPSS
Exploits3References2
GithubExploit
GithubExploit
added 2024/06/24 4:28 p.m.716 views

Exploit for Improper Authentication in Progress Moveit_Transfer

CVE-2024-5806 Exploit for Progress MOVEit Transfer CVE-2024-5...

9.8CVSS9.4AI score0.75812EPSS
Exploits3
Rows per page
Query Builder