CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon
David Yesland
April 23, 2024
After our initial research into other Progress products we decided to take a look at another Progress product, Flowmon. This led to the discovery of an unauthenticated command injection vulnerability, which when coupled with a privilege…
In Part 2 of this post, we walk through our two new Cognito modules for Pacu, our open-source AWS exploitation framework. If you’re not familiar with accessing AWS Cognito, feel free to check out Part 1: Accessing AWS Cognito Security…