Full title: Ivanti EPM Agent Portal Command Execution Exploit Category: remote exploits Platform: windows This Metasploit module leverages an unauthenticated remote command execution vulnerability in Ivanti's EPM Agent Portal where an RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2. # 0day.today @ http://0day.today/