CVE-2023-46805
HIGH KEV RANSOMWARE NUCLEI
Ivanti Connect Secure Unauthenticated Remote Code Execution
Title source: metasploit
Exploitation Summary
CVE-2023-46805 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 10, 2024, with confirmed use in ransomware campaigns.
EIP tracks 12 public exploits, among them a Metasploit module (exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805), from researchers including duy-31, seajaysec and Chocapikk.
A Nuclei detection template is also available.
AI-analyzed exploit summary: The repository contains functional exploit scripts for CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection) in Ivanti Connect Secure and Policy Secure. The scripts demonstrate path traversal and command injection via crafted API requests.
Description
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Exploits (12)
The repository contains functional exploit scripts for CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection) in Ivanti Connect Secure and Policy Secure. The scripts demonstrate path traversal and command injection via crafted API requests.
The repository contains a Python script designed to scan Ivanti Connect Secure & Policy Secure appliances for vulnerabilities related to CVE-2023-46805 and CVE-2024-21887. It performs multiple checks to detect authentication bypass and command injection vulnerabilities without exploiting them.
This repository contains a scanner tool for detecting CVE-2023-46805, an authentication bypass vulnerability in Ivanti Pulse Connect Secure systems. The tool checks for the presence of the vulnerability by sending a crafted request to a specific endpoint and analyzing the response.
The repository contains a Python script that scans for potentially vulnerable Ivanti Connect Secure appliances using Shodan. It checks for the presence of CVE-2023-46805 by probing a specific endpoint and analyzing the HTTP response code.
This repository provides a Python script to parse Ivanti Secure Connect .vc0 log files into CSV format for forensic analysis, specifically targeting CVE-2025-0282. The tool extracts timestamps, converts hex values to human-readable formats, and maps message codes to descriptions.
The repository contains a functional Python script that exploits CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (remote code execution) in Ivanti Connect Secure. It includes both vulnerability checking and command execution capabilities via crafted API requests.
This repository contains a Python script that scans for Ivanti Pulse Secure devices vulnerable to CVE-2023-46805, an authentication bypass vulnerability. It checks multiple endpoints to determine if a device is vulnerable or if mitigations are applied.
This repository contains a functional Go-based exploit for CVE-2023-46805, an RCE vulnerability in Ivanti products. The exploit sends a crafted POST request to a vulnerable endpoint, injecting a command via the 'type' parameter in a JSON payload.
This repository provides a Python script to decrypt and parse Ivanti Connect Secure system snapshots for IOCs related to CVE-2025-0282 and other vulnerabilities. It uses YARA rules to detect malware artifacts and parses process lists for suspicious activity.
This repository contains a functional exploit for CVE-2023-21887, which targets a path traversal vulnerability in an unspecified software. The exploit sends a crafted HTTP request to trigger a reverse shell payload, demonstrating remote code execution (RCE).
This Metasploit module exploits CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection) to achieve unauthenticated remote code execution on Ivanti Connect Secure and Ivanti Policy Secure. It leverages a path traversal vulnerability to bypass authentication and injects a payload into a cloud server test connection endpoint.
This Metasploit module chains an SSRF (CVE-2024-21893) and a command injection (CVE-2024-21887) to achieve unauthenticated RCE on Ivanti Connect Secure/Policy Secure. It leverages a malicious XML payload to trigger an SSRF to an internal service vulnerable to command injection.
Nuclei Templates (1)
html:"welcome.cgi?p=logo"
body="welcome.cgi?p=logo"
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N