Exploit for Exposure of Resource to Wrong Sphere in Fortra Filecatalyst_Workflow CVE-2024-25153

Name: Exploit for Exposure of Resource to Wrong Sphere in Fortra Filecatalyst_Workflow CVE-2024-25153
Rating: 5 (351 reviews)

2024-03-12 | CVSS 9.8

## https://sploitus.com/exploit?id=1F8FFA50-CB9E-54A3-A08B-A15D15B0BB68
# CVE-2024-25153
This is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.

Full technical details can be found at [https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst](https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst)

## Usage
Run the exploit using the following command:
```
CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command>
```

Only the `--host` argument is required, and others are optional. Use the `--help` argument for full usage instructions.

## Disclaimer
This proof-of-concept is for demonstration purposes and should not be used for illegal activities. LRQA Nettitude are not responsible for any damage caused by the use or misuse of this code.