51 matches found
EUVD-2026-29488
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2026-8051
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2026-8051
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
May 2026 Security Advisory Ivanti Virtual Traffic Manager (vTM) (CVE-2026-8051)
Summary Ivanti has released updates for Ivanti Virtual Traffic Manager which addresses one High severity vulnerability. Successful exploitation could lead to admin authenticated remote code execution. We are not aware of any customers being exploited by this vulnerability at the time of disclosur...
Ivanti Virtual Traffic Manager 操作系统命令注入漏洞
Ivanti Virtual Traffic Manager is a software-based application delivery controller developed by the American company Ivanti. Versions of Ivanti Virtual Traffic Manager prior to 22.9r4 contained an operating system command injection vulnerability. This vulnerability stems from OS command injection...
CVE-2021-31922
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3...
EUVD-2016-9049
Malware in sbrugna...
EUVD-2018-12867
Malware in sbrugna...
Exploit for Incorrect Implementation of Authentication Algorithm in Ivanti Virtual_Traffic_Management
CVE-2024-7593 Description: CVE-2024-7593 is a critical v...
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account...
Vulnerability fixed in Ivanti Virtual Traffic Manager
Ivanti has fixed a vulnerability in Virtual Traffic Manager. A malicious person could exploit the vulnerability to bypass authentication on the management interface and create an adminiatrator account, which could be used to take over the system completely. For successful abuse, the malicious par...
Ivanti Virtual Traffic Manager Authentication Bypass
Ivanti Virtual Traffic Manager vTM versions before 22.2R1 and 22.x 22.7R2 suffers from an authentication bypass vulnerability. By exploiting this vulnerability, a remote and unauthenticated attacker can access the administration panel and perform arbitrary modifications on the affected instance. ...
Ivanti Virtual Traffic Manager Authentication Bypass
class MetasploitModule 'Ivanti Virtual Traffic Manager Authentication Bypass CVE-2024-7593', 'Description' = %q This module exploits an access control issue in Ivanti Virtual Traffic Manager vTM, by adding a new administrative user to the web interface of the application. Affected versions includ...
Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593)
This module exploits an access control issue in Ivanti Virtual Traffic Manager vTM, by adding a new administrative user to the web interface of the application. Affected versions include 22.7R1, 22.6R1, 22.5R1, 22.3R2, 22.3, 22.2. Module Options msf use auxiliary/admin/http/ivantivtmadmin msf...
The Bug Report - August 2024 Edition
The Bug Report - August 2024 Edition By Jonathan Omakun · August 26, 2024 Why am I Here August isn’t just about heat waves and summer getaways for the Northern Hemisphere; it’s also when things get serious for students and cybersecurity pros. As organizations prep for the end of the fiscal year,...
Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access
Ivanti has rolled out security updates for a critical flaw in Virtual Traffic Manager vTM that could be exploited to achieve an authentication bypass and create rogue administrative users. The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8 out of a maximum of 10.0. "Incorrect...
Ivanti Releases Security Updates for Avalanche, Neurons for ITSM, and Virtual Traffic Manager
Ivanti released security updates to address multiple vulnerabilities in Ivanti Avalanche, Neurons for ITSM, and Virtual Traffic Manager vTM. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Ivanti advises users to reduce their attack surface...
Ivanti Virtual Traffic Manager 安全漏洞
Ivanti Virtual Traffic Manager is a software-based application delivery controller from Ivanti Corporation, USA. A security vulnerability exists in Ivanti vTM version 22.2R1, 22.7R2, which stems from an error in the authentication algorithm. An attacker can exploit the vulnerability to bypass the...
Ivanti Virtual Traffic Manager (vTM) Web Interface Detection
Binary data ivantivirtualtrafficmanagerwebdetect.nbin...
Security Advisory: Ivanti Virtual Traffic Manager (vTM ) (CVE-2024-7593)
Last Modified Date Jun 18, 2025 12:05:38 PM...