CVE-2024-7029 highlights a severe security issue in AVTech devices, where attackers can bypass authentication and execute arbitrary commands remotely. This vulnerability poses significant risks to the integrity and security of affected networks.
CVE-2024-7029 is a critical security flaw in AVTech devices that allows unauthorized access through authentication bypass, potentially leading to remote code execution. This vulnerability is particularly concerning because it can be exploited remotely, making networks with these devices highly vulnerable.
- .NET 8
There are no specific prerequisites needed to run this PoC.
To download the executable versions of this PoC, please visit the official Releases page on GitHub. This will allow you to obtain the compiled version ready for use:
To use this PoC, run the program and either provide the target URL or a file containing a list of URLs. You can also set the number of threads for scanning. The program will then check for vulnerabilities and allow you to interact with the vulnerable system through a shell.
The expected output will include messages indicating whether the target is vulnerable or not. If vulnerable, the program will display command outputs after interacting with the system, allowing you to see the results of executed commands.
To mitigate CVE-2024-7029, it is strongly recommended to decommission affected AVTech devices, especially if patches are unavailable. Additionally, actively monitor network traffic for unusual activity and apply any security updates as soon as they become available to reduce the risk of exploitation.
- Bug Founder: Aline Eliovich Security Researcher at Akamai
- Aline Eliovich
If you find this project helpful and would like to support further development, please consider making a donation:
Handcrafted with Passion by Ebrahim Shafiei (EbraSha)
- E-Mail: Prof.Shafiei@Gmail.com
- Telegram: @ProfShafiei
If you encounter any issues or have configuration problems, please reach out via email at Prof.Shafiei@Gmail.com. You can also report issues on GitLab or GitHub.
This Proof of Concept (PoC) is provided for educational purposes only. Unauthorized use of this code on systems you do not own or have explicit permission to test is illegal and unethical. By using this PoC, you agree to take full responsibility for any misuse or damage that may result. The author disclaims all liability for actions taken based on the information provided in this repository. Always ensure you have proper authorization before conducting any security testing.