Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-44529 PoC — Ivanti Endpoint Manager 代码注入漏洞

Source
https://github.com/jkana/CVE-2021-44529
Associated Vulnerability
Title:Ivanti Endpoint Manager 代码注入漏洞 (CVE-2021-44529)
Description:A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Description
CVE-2021-44529 PoC
Readme
# CVE-2021-44529

## Vendor Homepage: https://www.ivanti.com/ 
## Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 
## Version: CSA 4.6 4.5 - EOF Aug 2021 

Execute
```
python3 exploit.py <URL> <command>
```
Example
```
python3 exploit.py 'https://x.x.x.x' 'ls'

LDMGdeploy.pdf
LDSupport.exe
OnDemand.php
RCClient.dmg
RCClient.exe
about.php
download.php
images
index.php
menus.php
site.conf
style.php
test.txt
tools.php
```
The exploit present in this repository should be used only for educational purpose. I am not responsible for any illegal activity carried out using exploits or snippet of it.
File Snapshot

 [4.0K]  /data/pocs/49993f6a1ab9464ff901f01886ee244c476470dc
├── [ 571]  exploit.py
└── [ 645]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →