CVE-2024-20356

HIGH

Cisco Unified Computing System (Standalone) - Authenticated OS Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-20356. PoCs published by nettitude, SherllyNeo.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2024-20356, a command injection vulnerability in Cisco CIMC. The PoC includes authentication, session handling, and command execution capabilities, demonstrating the ability to run arbitrary commands on the target system.

Description

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to elevate their privileges to root.

Exploits (2)

nomisec WORKING POC 55 stars
by nettitude · poc
https://github.com/nettitude/CVE-2024-20356

This repository contains a functional exploit for CVE-2024-20356, a command injection vulnerability in Cisco CIMC. The PoC includes authentication, session handling, and command execution capabilities, demonstrating the ability to run arbitrary commands on the target system.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cisco CIMC
Auth required
Prerequisites: Valid credentials for Cisco CIMC · Network access to the target system
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC 1 stars
by SherllyNeo · poc
https://github.com/SherllyNeo/CVE_2024_20356

This repository contains a functional Rust-based exploit for CVE-2024-20356, a command injection vulnerability in Cisco's CIMC. The PoC includes authentication, encryption, and command execution capabilities, with support for various actions like testing, command execution, and shell access.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cisco CIMC (Cisco Integrated Management Controller)
Auth required
Prerequisites: Network access to the target CIMC · Valid credentials (default: admin/cisco)
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 8.7
EPSS 0.3247
EPSS Percentile 98.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (50)
Cisco/Cisco Unified Computing System (Standalone) 3.0(1c)
Cisco/Cisco Unified Computing System (Standalone) 3.0(1d)
Cisco/Cisco Unified Computing System (Standalone) 3.0(3a)
Cisco/Cisco Unified Computing System (Standalone) 3.0(3b)
Cisco/Cisco Unified Computing System (Standalone) 3.0(3e)
Cisco/Cisco Unified Computing System (Standalone) 3.0(4a)
Cisco/Cisco Unified Computing System (Standalone) 3.0(4d)
Cisco/Cisco Unified Computing System (Standalone) 3.0(4e)
Cisco/Cisco Unified Computing System (Standalone) 3.0(4i)
Cisco/Cisco Unified Computing System (Standalone) 3.0(4j)
... and 40 more
Published Apr 24, 2024
Tracked Since Feb 18, 2026