Cyber security

CVE-2024-25153 : A Detailed Guide To Remote Code Execution In Fortra File Catalyst Workflow

This is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.

Full technical details can be found.

Usage

Run the exploit using the following command:

CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command>

Only the --host argument is required, and others are optional. Use the --help argument for full usage instructions.

Disclaimer

This proof-of-concept is for demonstration purposes and should not be used for illegal activities. LRQA Nettitude are not responsible for any damage caused by the use or misuse of this code.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Install Pip on Ubuntu 18.04: Python 3 and Python 2 Setup Guide

Pip is the official package manager for Python and the standard way to install libraries from…

1 day ago

Install R on Ubuntu 18.04 from CRAN: Statistical Computing Setup

R is an open-source programming language and environment built for statistical computing and data visualization. It…

1 day ago

Install Jenkins on Ubuntu 18.04: CI/CD Server Setup Guide

Jenkins is an open-source automation server that makes it easy to build CI/CD pipelines. Continuous integration…

1 day ago

Install Android Studio on Ubuntu 18.04 with Snap and OpenJDK 8

Android Studio is the official IDE for Android development, built on JetBrains' IntelliJ IDEA platform. It…

1 day ago

Install and Configure GitLab on Ubuntu 18.04 with Omnibus

GitLab is a web-based, open-source Git repository manager written in Ruby. It includes built-in tools for…

1 day ago

Install Anaconda on Ubuntu 18.04: Python Data Science Setup Guide

Anaconda is the most widely used Python distribution for data science and machine learning. It bundles…

2 days ago