Skip to main content

Havoc

1 CVEs product

Monthly

CVE-2024-41570 CRITICAL POC Act Now

An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Havoc
NVD
CVSS 3.1
9.8
EPSS
2.9%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Havoc
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy