tags: auth_bypass, path_traversal, enterprise_app
original link: A Catastrophe For Control: Understanding the ScreenConnect Authentication Bypass
newsletter link: exploits.club Weekly Newsletter 09


Exploits Club Summary:

 Huntress did a deep dive into the recent ScreenConnect CVEs. This included an authentication bypass and a path traversal, which ConnectWise published in an advisory earlier this week. The post goes through the process of analyzing the patch, identifying the root cause of each vulnerability, and writing exploits for each. It also puts out some potential IOCs, for those of you blue team folks out there.