CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in the near future: Horizon3.ai researchers have published their analysis of the flaw and a PoC exploit for it. About CVE-2024-8190 CVE-2024-8190 is a command injection vulnerability that can only be exploited if the attacker manages to log into the appliance’s admin login page first. According … More
The post PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) appeared first on Help Net Security.