Havoc C2 Team Server Unauthenticated SSRF
HIGH CVE-2024-41570

chebuya @_chebuya
DESCRIPTION
An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Havoc C2 Team Server allows attackers to make arbitrary HTTP requests.
DETAILS
A high severity vulnerability in the Havoc C2 Team Server allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) attacks. This vulnerability could enable attackers to make arbitrary HTTP requests from the server, potentially leading to internal network enumeration or data exfiltration.
AFFECTING
- Havoc C2 Team Server • All versions