Proof of Concept: CVE-2024-20291 is an access control list (ACL) programming vulnerability for the port link subinterfaces of Cisco Nexus 3000 and 9000 series switches. In NX-OS offline mode, I was able to remotely unauthenticated to send traffic that should be blocked through the affected device.

This vulnerability is due to hardware misprogramming that occurs when the configuration of channel member ports is changed. Exploit successfully allows you to access network resources that need to be protected by the ACLs applied on the port channel subinterfaces.

Judging by my attempts to replicate the exploit from scratch, it was a bit sophisticated and markedly different from previous Cisco Nexus vulnerabilities. exploit.py is an exploit that is written in python and is capable of multithreading and IPS listing Vulnerable Cisco Nexus 3000 and 9000 series Before you begin, read the instructions for running in Readme.txt

any questions in TOX: 4R7G9T2Y1F8E6W3Q1A5S7D9F2G1H3J5K7L9Z2X1C3V5B7N9M2