Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenticated access. This vulnerability can be chained with CVE-2024-55550, which allows an unauthenticated, remote attacker to read arbitrary files on the server.
PoC: CVE-2024-41713-PoC-exploit
Mitel MiCollab Authentication Bypass to Arbitrary File Read
PoC: CVE-2024-41713-Scan
A Python script to detect CVE-2024-41713, a directory traversal vulnerability in Apache HTTP Server, enabling unauthorized access to restricted resources. This tool is for educational purposes and authorized testing only. Unauthorized usage is unethical and illegal.
PoC: cve-2024-CVE-2024-41713
cve-2024-CVE-2024-41713
PoC: CVE-2024-41713POC
Mitel MiCollab 企业协作平台 任意文件读取漏洞(CVE-2024-41713)由于Mitel MiCollab软件的 NuPoint 统一消息 (NPM) 组件中存在身份验证绕过漏洞,并且输入验证不足,未经身份验证的远程攻击者可利用该漏洞执行路径遍历攻击,成功利用可能导致未授权访问、破坏或删除用户的数据和系统配置。影响范围:version < MiCollab 9.8 SP2 (9.8.2.12)
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free