Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(CVE-2024-41713) Mitel MiCollab 0-day, auth-bypass bug to access sensitive files #19725

Open
h00die opened this issue Dec 14, 2024 · 0 comments
Open

(CVE-2024-41713) Mitel MiCollab 0-day, auth-bypass bug to access sensitive files #19725

h00die opened this issue Dec 14, 2024 · 0 comments
Labels
suggestion-module New module suggestions

Comments

@h00die
Copy link
Contributor

h00die commented Dec 14, 2024

Summary

Mitel MiCollab Authentication Bypass to Arbitrary File Read

Basic example

https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713?ref=labs.watchtowr.com

Motivation

Not sure how popular the software is, but seems like an easy exploit, and according to https://www.theregister.com/AMP/2024/12/06/mitel_micollab_0day/#amp_tf=From%20%251%24s&aoh=17340482743523&csi=0&referrer=https%3A%2F%2Fwww.google.com the vendor doesn't seem eager to fix it.
@h00die h00die added the suggestion-module New module suggestions label Dec 14, 2024
msutovsky-r7 added a commit to msutovsky-r7/metasploit-framework that referenced this issue Dec 16, 2024
@msutovsky-r7
Revert "Landing rapid7#19725, fixed incorrect processing of HTTP User…
add8a7b 
… Agent parameter in x64 reverse HTTP payload (Windows)"

This reverts commit ebf7379, reversing
changes made to 50b1259.
@msutovsky-r7 msutovsky-r7 mentioned this issue Dec 16, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
suggestion-module New module suggestions
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@h00die