VDB
CNVD-2020-60093
CNVD-2020-60093
PUBLISHED
CVSS 7.199999809265137 HIGH
Pulse Secure Pulse Connect Secure(又名PCS,前称Juniper Junos Pulse)是美国Pulse Secure公司的一套SSL VPN解决方案。 Pulse Connect Secure 9.1R9之前版本的管理Web界面存在任意代码执行漏洞。认证攻击者可通过不受控gzip提取利用该漏洞执行任意代码。
Risk Scores
CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Pulse Connect Secure / Pulse Policy Secure | 9.1R9 |
Exploit Intelligence
- cve-2015-9251 (github-poc)
- cve-2015-9251 (github-poc)
- This repository contains a Proof of Concept (PoC) for CVE-2015-9251, a vulnerability in jQuery versions prior to 3.0.0 that allows attackers to perform Cross-Site Scripting (XSS) attacks under certain conditions. (github-poc)
- This repository contains a Proof of Concept (PoC) for CVE-2015-9251, a vulnerability in jQuery versions prior to 3.0.0 that allows attackers to perform Cross-Site Scripting (XSS) attacks under certain conditions. (github-poc)
- PoC para CVE-2015-9251 jQuery menor a 3.0.0. (github-poc)
- PoC para CVE-2015-9251 jQuery menor a 3.0.0. (github-poc)
- halkichi0308/CVE-2015-9251 (github-poc)
- halkichi0308/CVE-2015-9251 (github-poc)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8260 (circl)
- http://packetstormsecurity.com/files/160619/Pulse-Secure-VPN-Remote-Code-Execution.html (circl)
…and 13 more exploits
Timeline
- Jan 18, 2018 CVE Published
- Dec 17, 2020 PoC Published
- Apr 21, 2021 PoC Published
- Aug 25, 2021 PoC Published
- Oct 25, 2021 PoC Published
- Nov 8, 2021 PoC Published
- Nov 20, 2021 PoC Published
- Nov 14, 2024 PoC Published
- Dec 24, 2024 PoC Published
- Feb 6, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Feb 23, 2025 PoC Published