Skip to content

Sign In Subscribe

Vulnerabilities

PoC Released for CVE-2024-41958

, and Dark Web Informer

6 August 2024 . 1:29 PM

1 min read

Link: https://github.com/OrangeJuiceHU/CVE-2024-41958-PoC

"This is a small proof of concept for CVE-2024-41958.

It is possible to bypass the TFA authentication on the admin panel.

Affected versions: < 2024-07

Prerequisites needed for the CVE to function:

Password and username for an account without TFA.
Password and username for an account which has TFA enabled.
Mailcow version below 2024-07.

How to use the poc:

Install the dependency

pip install -r requirements.txt

Fill in the necessary informations in the sript

URL
Password and username for the user who does not have TFA enabled
Password and username for the user who has TFA enabled

Run the script

python poc.py

The output if the script works fine:

PoC works!

PHPSESSID=6cd6779a5e499a0e7708aed3aae9d3a4

Copy the PHPSESSID and set the cookie in your browser

Refresh the page
You are now logged in as the user with TFA enabled"

Comments

Latest

Daily Dose of Dark Web Informer - September 18th, 2024

News

Daily Dose of Dark Web Informer - September 18th, 2024

, and Dark Web Informer

18 September 2024

Paid Members Public

A Threat Actor is Allegedly Selling the Database of ELLIPAL

Data Breaches

A Threat Actor is Allegedly Selling the Database of ELLIPAL

, and Dark Web Informer

18 September 2024

Paid Members Public

A Threat Actor Allegedly is Selling RDWeb Access to an Unidentified Canadian Company

Data Breaches

A Threat Actor Allegedly is Selling RDWeb Access to an Unidentified Canadian Company

, and Dark Web Informer

18 September 2024

Paid Members Public

A Threat Actor is Allegedly Selling RDWeb Access to an Unidentified Sweden Company

Data Breaches

A Threat Actor is Allegedly Selling RDWeb Access to an Unidentified Sweden Company

, and Dark Web Informer

18 September 2024

Paid Members Public