Skip to content

watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
watchtowr-vs-mitel-micollab-cve-2024-41713_2024-12-05.py
watchtowr-vs-mitel-micollab-cve-2024-41713_2024-12-05.py
 
 

Repository files navigation

CVE-2024-41713

Mitel MiCollab Authentication Bypass to Arbitrary File Read

See our blog post for technical details

                         __         ___  ___________                   
         __  _  ______ _/  |__ ____ |  |_\__    ____\____  _  ________ 
         \ \/ \/ \__  \    ___/ ___\|  |  \|    | /  _ \ \/ \/ \_  __ \
          \     / / __ \|  | \  \___|   Y  |    |(  <_> \     / |  | \/
           \/\_/ (____  |__|  \___  |___|__|__  | \__  / \/\_/  |__|   
                                  \/          \/     \/                            

        watchtowr-vs-MiCollab_2024-12-05.py
        (*) Mitel MiCollab Authentication Bypass and Arbitrary File Read exploit by watchTowr
        
          - Sonny, watchTowr ([email protected])

        CVEs: [CVE-2024-41713 - Authentication Bypass] - [CVE-2024-00000 - Arbitrary File Read]


            Example Usage:
          - python watchtowr-vs-MiCollab_2024-12-05.py --url http://localhost --file /etc/passwd

Affected Versions

Mitel MiCollab 9.8 SP1 FP2 (9.8.1.201) and earlier, more details at Mitel advisory

Exploit authors

This exploit was written by Sonny of watchTowr (@watchtowrcyber)

Follow watchTowr Labs

For the latest security research follow the watchTowr Labs Team

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

12 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages