CVE-2024-29824

HIGH KEV NUCLEI

Ivanti EPM RecordGoodApp SQLi RCE

Title source: metasploit

Description

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Exploits (3)

nomisec WORKING POC 26 stars
by horizon3ai · remote
https://github.com/horizon3ai/CVE-2024-29824
nomisec WORKING POC 1 star
by R4be1 · remote
https://github.com/R4be1/CVE-2024-29824
metasploit WORKING POC NORMAL
by James Horseman, Christophe De La Fuente · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ivanti_epm_recordgoodapp_sqli_rce.rb

Nuclei Templates (1)

Ivanti EPM - Remote Code Execution
CRITICAL by DhiyaneshDK

Scores

CVSS v3 8.8
EPSS 0.9397
EPSS Percentile 99.9%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2024-10-02
VulnCheck KEV 2024-06-19
InTheWild.io 2024-10-02
ENISA EUVD EUVD-2024-26818
CWE
CWE-89
Status published
Products (2)
ivanti/endpoint_manager 2022 (6 CPE variants)
ivanti/endpoint_manager < 2022
Published May 31, 2024
KEV Added Oct 02, 2024
Tracked Since Feb 18, 2026