Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes including installing software and modifying security profiles on registered devices.
PoC: CVE-2023-35078-Poc-Exploit
This tool is built in golang language to exploit CVE-2023-35078 vulnerability inspired by similar tool in python language https://github.com/vchan-in/CVE-2023-35078-Exploit-POC
PoC: CVE-2023-35078
CVE-2023-35078 - Ivanti MobileIron Core Remote Unauthenticated API Access Exploit tool
PoC: CVE-2023-35078
CVE-2023-35078 Remote Unauthenticated API Access vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core.
PoC: CVE-2023-35078
Ivanti Endpoint Manager Mobile (EPMM) POC
PoC: CVE-2023-35078
Ivanti Endpoint Manager Mobile exploit
PoC: nmap-CVE-2023-35078-Exploit
Nmap script to exploit CVE-2023-35078 - Mobile Iron Core
PoC: CVE-2023-35078
Easy and non-intrusive script to check for CVE-2023-35078
PoC: CVE-2023-35078
Proof of concept script to check if the site is vulnerable to CVE-2023-35078
PoC: CVE-2023-35078-Exploit-POC
CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free