ConnectWise ScreenConnect 23.9.7 Unauthenticated Remote Code Execution

This Metasploit module exploits an authentication bypass vulnerability that allows an unauthenticated attacker to create a new administrator user account on a vulnerable ConnectWise ScreenConnect server. The attacker can leverage this to achieve remote code execution by uploading a malicious extension module. All versions of ScreenConnect version 23.9.7 and below are affected.

account administrator attacker authentication authentication bypass bypass bypass vulnerability can code code execution connectwise connectwise screenconnect exploits extension malicious metasploit remote code remote code execution screenconnect server unauthenticated version vulnerability vulnerable