google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Apache License 2.0
882 stars 180 forks source link

PRP: connectwise screenconnect authentication bypass #391

Closed JamesFoxxx closed 9 months ago

JamesFoxxx commented 9 months ago

Hi Hi, This is a request for implementing the recent screenconnect authentication bypass vulnerability. This is a critical vulnerability that lets attackers create administrator accounts and after that administrator can reach an RCE with the help of another vulnerability. The vulnerable versions are available for confirming the authentication. Can I Start writing a plugin for this now? best regards, James.

Ref:

JamesFoxxx commented 9 months ago

https://twitter.com/Shadowserver/status/1760740607268638809?s=19 Wow the number of vulnerable instances is significant. CC for @tooryx @maoning

tooryx commented 9 months ago

Hi @JamesFoxxx,

Thank you for willing to contribute to Tsunami. We are currently not interested in that specific CVE. Please, feel free to suggest other plugins if there is anything that you wish to work on.

~tooryx