Ivanti Connect Secure Unauthenticated Remote Code Execution

This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x prior to the vendor mitigation are vulnerable. It is unknown if unsupported versions 8.x and below are also vulnerable.

authentication authentication bypass bypass bypass vulnerability code code execution command command injection connect exploit injection ivanti ivanti connect secure ivanti policy secure metasploit mitigation policy remote code remote code execution unauthenticated vendor vulnerability vulnerable