← back
CVE-2024-6127

BC Security Empire Path Traversal RCE

CVSS 9.8 CRITICALEPSS 10.3%CWE-22CWE-434
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote code execution. A remote, unauthenticated attacker can exploit this vulnerability over HTTP by acting as a normal agent, completing all cryptographic handshakes, and then triggering an upload of payload data containing a malicious path.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
BC Security · Empire
public PoCs found1
cve_referencegithub.com/ACE-Responder/Empire-C2-RCE-PoCunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://aceresponder.com/blog/exploiting-empire-c2-frameworkhttps://github.com/ACE-Responder/Empire-C2-RCE-PoChttps://github.com/BC-SECURITY/Empire/blob/8283bbc77250232eb493bf1f9104fdd0d468962a/CHANGELOG.md?plain=1#L102https://vulncheck.com/advisories/empire-unauth-rce