Ivanti EPM RecordGoodApp SQL Injection

Ivanti Endpoint Manager EPM versions 2022 SU5 and below suffer from a SQL Injection vulnerability. By exploiting this vulnerability, a remote and unauthenticated attacker can achieve Remote Code Execution RCE on the affected system. No source data...

Ivanti EPM RecordGoodApp SQL Injection / Remote Code Execution Exploit

Ivanti Endpoint Manager EPM 2022 SU5 and prior versions are susceptible to an unauthenticated SQL injection vulnerability which can be leveraged to achieve unauthenticated remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

The vulnerability of the RecordGoodApp method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.

The vulnerability of the RecordGoodApp method in the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a...

Ivanti Endpoint Manager RecordGoodApp SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the RecordGoodApp method. The issue results from the lack ...