CVE-2024-53304
MEDIUMLRQA Nettitude PoshC2 - Unauthenticated Remote Code Execution via Impersonation
Title source: llmDescription
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine.
References (1)
Core 1
Core References
Various Sources
https://gist.github.com/fern89/3464e8428d7675e4f0f390a6b2b2842e
Scores
CVSS v3
6.5
EPSS
0.0030
EPSS Percentile
22.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-284
Status
published
Published
Apr 16, 2025
Tracked Since
Feb 18, 2026