This is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.
Full technical details can be found.
Run the exploit using the following command:
CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command> Only the --host argument is required, and others are optional. Use the --help argument for full usage instructions.
This proof-of-concept is for demonstration purposes and should not be used for illegal activities. LRQA Nettitude are not responsible for any damage caused by the use or misuse of this code.
Opera is one of the most popular cross-platform web browsers in the world, available on Windows,…
Gogs is a free, self-hosted Git service written in Go. It gives you a private GitHub-like…
Elasticsearch is an open-source distributed search and analytics engine built on Apache Lucene. It supports RESTful…
Flask is a free, open-source micro web framework for Python. It is built on Werkzeug and…
Memcached is a free, open-source, high-performance in-memory caching system. It stores data as key-value pairs in…
TensorFlow is a free, open-source machine learning platform developed by Google. It is used by major…