A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users.
This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.
Published: 2024-07-17
CVSS: 10.0
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Download Exploit for CVE-2024-20419 here:
Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.
https://augustaverburg.nl/exploit-165-cve-2025-6176/
https://augustaverburg.nl/exploit-651-cve-2021-31201/
https://augustaverburg.nl/exploit-676-cve-2004-2761/
https://augustaverburg.nl/exploit-234-cve-2023-43533/