This template matches on the following versions, if there is a match then the host is considered vulnerable:
- "22.2"
- "22.3"
- "22.3R2"
- "22.5R1"
- "22.6R1"
- "22.7R1"
To prevent producing any FPs it also matches on the below:
- type: word
part: body
words:
- "Login (Virtual Traffic Manager"
- Download Nuclei from here
- Copy the template to your local system
- Run the following command:
nuclei -u https://yourHost.com -t template.yaml
- https://arcticwolf.com/resources/blog/cve-2024-7593-cve-2024-7569/
- https://nvd.nist.gov/vuln/detail/CVE-2024-7593
- https://www.tenable.com/blog/cve-2024-7593-ivanti-virtual-traffic-manager-authentication-bypass-vulnerability
Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.
If you have any questions feel free to reach out to me on Signal or via email: [email protected].