CVE-2024-25153 : A Detailed Guide To Remote Code Execution In Fortra File Catalyst Workflow

This is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.

Full technical details can be found.

Usage

Run the exploit using the following command:

CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command>

Only the --host argument is required, and others are optional. Use the --help argument for full usage instructions.

Disclaimer

This proof-of-concept is for demonstration purposes and should not be used for illegal activities. LRQA Nettitude are not responsible for any damage caused by the use or misuse of this code.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Next Awesome-OpSec : Empowering Digital Safety Through Feminist Cybersecurity And Operational Security »

Previous « Kimsuky PowerShell Backdoor - A Comprehensive Analysis Of Its Commands And Operations

Leave a Comment

Share

Published by

Varshini

Tags: CVE-2024-25153cybersecurityinformationsecuritykalilinuxkalilinuxtools

12 months ago

Recent Posts

Hacking Tools

WID_LoadLibrary : The Intricacies Of DLL Management In Windows

WID_LoadLibrary is a custom implementation inspired by the Windows API function LoadLibrary, which is used…

3 hours ago

Vulnerability Analysis

Locksmith : A Tool For Securing Active Directory Certificate Services

Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate…

3 hours ago

Information Gathering

Uscrapper Vanta : A Cutting-Edge OSINT Tool For Advanced Data Extraction

Uscrapper Vanta is a powerful open-source intelligence (OSINT) tool designed to revolutionize web scraping and…

3 hours ago

Applications

Pake : Transforming Webpages Into Desktop Applications

Pake is an innovative tool designed to convert any webpage into a desktop application with…

7 hours ago

Applications

Bevy : Exploring The Frontier Of Game Development With Rust

Bevy is an open-source, data-driven game engine built in Rust, designed to simplify game development…

7 hours ago

software

AppFlowy Cloud : Enhancing Collaboration With Secure Cloud Infrastructure

AppFlowy Cloud is a robust component of the AppFlowy ecosystem, designed to provide secure user…

1 day ago

L