Skip to main content
← Back to Advisories

Havoc C2 Team Server Unauthenticated SSRF

HIGH CVE-2024-41570
chebuya's profile picture

chebuya @_chebuya

DESCRIPTION

An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Havoc C2 Team Server allows attackers to make arbitrary HTTP requests.

DETAILS

A high severity vulnerability in the Havoc C2 Team Server allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) attacks. This vulnerability could enable attackers to make arbitrary HTTP requests from the server, potentially leading to internal network enumeration or data exfiltration.

AFFECTING

  • Havoc C2 Team Server • All versions