tags:sqli #.netenterprise_app
original link: CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability
newsletter link: exploits.club Weekly Newsletter 25
Exploits Club Summary:
Horizon3.ai dropped a deep dive on CVE-2024-29824 this week. The vulnerability is a pretty straightforward SQL injection, where string.Format is used to insert an attacker-controlled value into a SQL query. The post steps through reversing a .NET application to identify the vulnerable function and then walks up the call tree to determine the best way to trigger the bug. It then shows a payload using xp_cmdshell to gain RCE. Finally, as always from these guys, it includes some IoCs at the very end if you happen to still be using Ivanti products at this point.
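The string.Format pattern described above, next to the parameterized form a code reviewer would ask for. This is an added example, not code from the Horizon3.ai post or from Ivanti; the table, column and method names are hypothetical, and it assumes System.Data.SqlClient from .NET Framework.

```csharp
using System;
using System.Data;
using System.Data.SqlClient; // .NET Framework; on modern .NET the Microsoft.Data.SqlClient package is the equivalent

static class QueryBuilding
{
    // Hypothetical table and column names, not taken from the Ivanti code base.
    const string Template = "SELECT Id FROM AppStatus WHERE FileHash = '{0}'";

    // Vulnerable pattern: the caller-supplied value becomes part of the SQL text.
    static SqlCommand BuildWithFormat(string fileHash)
    {
        return new SqlCommand(string.Format(Template, fileHash));
    }

    // Hardened pattern: the SQL text is constant and the value travels as a typed parameter.
    static SqlCommand BuildParameterized(string fileHash)
    {
        var cmd = new SqlCommand("SELECT Id FROM AppStatus WHERE FileHash = @hash");
        cmd.Parameters.Add("@hash", SqlDbType.Char, 32).Value = fileHash;
        return cmd;
    }

    // Defense in depth: accept only 32 hex characters before the value reaches the data layer.
    static bool IsHexHash(string s)
    {
        if (s == null || s.Length != 32) return false;
        foreach (char c in s)
            if (!Uri.IsHexDigit(c)) return false;
        return true;
    }

    static void Main()
    {
        // Constructed inputs: one well-formed value and one containing a quote character.
        string[] inputs = { "d41d8cd98f00b204e9800998ecf8427e", "x' OR '1'='1" };
        foreach (string input in inputs)
        {
            Console.WriteLine("passes validation: " + IsHexHash(input));
            // With string.Format the quote in the second input ends the literal and changes the query.
            Console.WriteLine("  format:        " + BuildWithFormat(input).CommandText);
            // The parameterized command text is identical for both inputs; only the bound value differs.
            SqlCommand safe = BuildParameterized(input);
            Console.WriteLine("  parameterized: " + safe.CommandText + "  [@hash = " + safe.Parameters["@hash"].Value + "]");
        }
    }
}
```

No database connection is opened; the program only prints the command text each builder produces so the two can be compared.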