CVE-2024-21887
- Reference to the description:
- Description:
- A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
- Last updated date:
- 11/29/2024
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 01/10/2024
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/14/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/14/2024
- Reference url to background
https://github.com/yoryio/CVE-2023-46805_CVE-2024-21887_Scanner
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/16/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/16/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/16/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/17/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/18/2024
- Reference url to background
https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/18/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/19/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/09/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/10/2024
- Reference url to background