2 matches found
📄 Ivanti Connect Secure 9.x / 22.x Command Injection
The provided PHP script targets CVE‑2024‑21887, a command injection vulnerability in Ivanti Connect Secure versions 9.x and 22.x It is designed to identify and exploit vulnerable systems through a crafted API request. It initializes a reusable cURL session to send malicious JSON payloads to a...
VulnCheck KEV: CVE-2024-21887
Ivanti Connect Secure ICS, formerly known as Pulse Connect Secure and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This...