CVE-2024-1709

Description

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel

vulnerability, which may allow an attacker direct access to confidential information or

critical systems.

Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Severity: CRITICAL
CVE ID: CVE-2024-1709
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2024-1709

Refrence: Project Discovery GitHub

W01fh4cker

ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!

Refrence: GitHub

HussainFathy

A Scanner for CVE-2024-1709 - ConnectWise SecureConnect Authentication Bypass Vulnerability

Refrence: GitHub

sxyrxyy

Refrence: GitHub

cjybao

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept