eScan Management Console

Exploit Title : eScan Management Console - Incorrect Access Control
Author : Jeyabalaji
Affected Versions : 14.0.1400.2281
Tested on : Windows 11
CVE : CVE-2024-42919

Description:

The Escan Management Console implements authentication mechanisms; however, the acteScanAVReport endpoint is accessible without requiring any authentication.

Payload :

acteScanAVReport (Endpoint)

Steps to reproduce :

Open eScan Management Console
Give 'acteScanAVReport' Endpoint
We can able to access the eScan AV Report

Mitigation :

Update to the latest version

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

eScan Management Console

Description:

Payload :

Steps to reproduce :

Mitigation :

Files

README.md

Latest commit

History

README.md

File metadata and controls

eScan Management Console

Description:

Payload :

Steps to reproduce :

Mitigation :