Evan Boehs on Nostr: >be me >notify company that their ivanti corporate VPN is vulnerable to RCE >link ...
>be me
>notify company that their ivanti corporate VPN is vulnerable to RCE
>link them to POC for *newer* ivanti versions
>tell them that their version is a published affected versions
>triagers close because the byte offsets in the POC are for a newer version, therefore they aren't impacted 🤡
>notify company that their ivanti corporate VPN is vulnerable to RCE
>link them to POC for *newer* ivanti versions
>tell them that their version is a published affected versions
>triagers close because the byte offsets in the POC are for a newer version, therefore they aren't impacted 🤡