NOTICE

Some features on this website won't work without JavaScript such as theme toggle, search bar, and copy article.

Havoc C2 Team Server Unauthenticated SSRF

HIGH CVE-2024-41570 July 13, 2024

DESCRIPTION

An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Havoc C2 Team Server allows attackers to make arbitrary HTTP requests.

DETAILS

A high severity vulnerability in the Havoc C2 Team Server allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) attacks. This vulnerability could enable attackers to make arbitrary HTTP requests from the server, potentially leading to internal network enumeration or data exfiltration.

AFFECTING

Havoc C2 Team Server • All versions

REFERENCES

https://nvd.nist.gov/vuln/detail/CVE-2024-41570