Cyber security

CVE-2024-25153 : A Detailed Guide To Remote Code Execution In Fortra File Catalyst Workflow

This is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.

Full technical details can be found.

Usage

Run the exploit using the following command:

CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command>

Only the --host argument is required, and others are optional. Use the --help argument for full usage instructions.

Disclaimer

This proof-of-concept is for demonstration purposes and should not be used for illegal activities. LRQA Nettitude are not responsible for any damage caused by the use or misuse of this code.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Install Opera Web Browser on Ubuntu 18.04: Complete Setup Guide

Opera is one of the most popular cross-platform web browsers in the world, available on Windows,…

4 hours ago

Install Gogs on Ubuntu 18.04: Self-Hosted Git Server Setup Guide

Gogs is a free, self-hosted Git service written in Go. It gives you a private GitHub-like…

4 hours ago

Install Elasticsearch on Ubuntu 18.04: Setup and Config Guide

Elasticsearch is an open-source distributed search and analytics engine built on Apache Lucene. It supports RESTful…

4 hours ago

Install Flask on Ubuntu 18.04: venv Setup and Hello World App

Flask is a free, open-source micro web framework for Python. It is built on Werkzeug and…

5 hours ago

Install Memcached on Ubuntu 18.04: Setup, Config, and Client Guide

Memcached is a free, open-source, high-performance in-memory caching system. It stores data as key-value pairs in…

5 hours ago

Install TensorFlow on Ubuntu 18.04: Python venv Setup and Usage

TensorFlow is a free, open-source machine learning platform developed by Google. It is used by major…

1 day ago