Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2024-12356
Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."
"Based upon both writing a [technical analysis](https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356#rapid7-analysis) of this vuln, and an accompanying [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19877), I have rated the exploitability as `Very High`, as exploitation is reliable, repeatable, and can be fully automated by an exploit script ..."
Link: https://attackerkb.com/assessments/4b8511fd-3dcf-4ea3-8dd2-7df3b2245055
Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."
"Based upon both writing a [technical analysis](https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356#rapid7-analysis) of this vuln, and an accompanying [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19877), I have rated the exploitability as `Very High`, as exploitation is reliable, repeatable, and can be fully automated by an exploit script ..."
Link: https://attackerkb.com/assessments/4b8511fd-3dcf-4ea3-8dd2-7df3b2245055
0
0
0