CVE-2022-24715

This exploit leverages an authenticated file upload vulnerability in Icinga Web 2 to achieve remote code execution by uploading a malicious PHP file disguised as an SSH private key, then triggering it to establish a reverse shell.

This is a functional exploit for CVE-2022-24715, an authenticated RCE vulnerability in Icinga Web 2. It leverages a path traversal flaw to upload a malicious PEM file, enabling arbitrary command execution via a webshell.

This Go-based exploit targets CVE-2022-24715 in Icinga Web 2, leveraging a file upload vulnerability to achieve remote code execution (RCE) by injecting a malicious PHP payload into a configuration file. It automates authentication, CSRF token extraction, and module manipulation to trigger the payload.

This is a functional exploit for CVE-2022-24715, an authenticated RCE vulnerability in Icinga Web 2. It uploads a malicious PHP file disguised as an SSH private key, enables a module to execute it, and triggers a reverse shell.

This repository contains a functional exploit for CVE-2022-24715, an authenticated remote code execution vulnerability in Icinga Web 2. The exploit leverages a path traversal vulnerability to upload a malicious payload and achieve RCE.