Skip to content

0xNehru/mitel-micollab-exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
exploit.py
exploit.py
 
 
targets.txt
targets.txt
 
 

Repository files navigation

Mitel MiCollab Exploit

Exploit for Mitel MiCollab Authentication Bypass and Arbitrary File Read Vulnerability (CVE-2024-41713)

Author: 0xNehru

Description

This repository contains a proof-of-concept (PoC) script to exploit two vulnerabilities in Mitel MiCollab:

  1. Authentication Bypass (CVE-2024-41713)
  2. Arbitrary File Read (Unassigned CVE)

A successful exploit allows unauthenticated access to sensitive system files on vulnerable Mitel MiCollab servers.

Usage

Prerequisites

  • Python 3.x
  • requests module (Install via pip install requests)

Example Usage

  1. Prepare a file (targets.txt) with the list of target URLs (one per line).
  2. Run the exploit: 
    python3 exploit.py --targets targets.txt --file /etc/passwd

About

Two critical vulnerabilities have been discovered in Mitel MiCollab, a popular unified communication platform. These flaws can allow attackers to gain unauthorized access to sensitive files and perform administrative actions

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages