CVE-2024-25153 : A Detailed Guide To Remote Code Execution In Fortra File Catalyst Workflow

This is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.

Full technical details can be found.

Usage

Run the exploit using the following command:

CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command>

Only the --host argument is required, and others are optional. Use the --help argument for full usage instructions.

Disclaimer

This proof-of-concept is for demonstration purposes and should not be used for illegal activities. LRQA Nettitude are not responsible for any damage caused by the use or misuse of this code.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Next Awesome-OpSec : Empowering Digital Safety Through Feminist Cybersecurity And Operational Security »

Previous « Kimsuky PowerShell Backdoor - A Comprehensive Analysis Of Its Commands And Operations

Leave a Comment

Share

Published by

Varshini

Tags: CVE-2024-25153cybersecurityinformationsecuritykalilinuxkalilinuxtools

10 months ago

Recent Posts

Vulnerability Analysis

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

24 hours ago

Post Exploitation

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

24 hours ago

Exploitation Tools

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

24 hours ago

Hacking Tools

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

24 hours ago

software

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

2 days ago

Applications

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

2 days ago

L