{"uuid": "9a6020f6-8e31-4e8c-bcd9-a125c898a402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41958", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/2144", "content": "\ud83d\udea8PoC Released for CVE-2024-41958\n\nhttps://darkwebinformer.com/poc-released-for-cve-2024-41958/\n\nLink: https://github.com/OrangeJuiceHU/CVE-2024-41958-PoC\n\n\"This is a small proof of concept for CVE-2024-41958.\n\nIt is possible to bypass the TFA authentication on the admin panel.\n\nAffected versions: < 2024-07\n\nPrerequisites needed for the CVE to function:\n\nPassword and username for an account without TFA.\nPassword and username for an account which has TFA enabled.\nMailcow version below 2024-07.\nHow to use the poc:\n\nInstall the dependency\npip install -r requirements.txt\nFill in the necessary informations in the sript\nURL\nPassword and username for the user who does not have TFA enabled\nPassword and username for the user who has TFA enabled\nRun the script\npython poc.py\nThe output if the script works fine:\n\nPoC works!\n\nPHPSESSID=6cd6779a5e499a0e7708aed3aae9d3a4\n\nCopy the PHPSESSID and set the cookie in your browser\nRefresh the page\n\nYou are now logged in as the user with TFA enabled\"", "creation_timestamp": "2024-08-06T15:30:55.000000Z"}