Critical (10.0) Actively Exploited

Ivanti Sentry RCE actively exploited (CVE-2026-10520) [PoC]

CVE-2026-10520: Ivanti Sentry unauthenticated RCE via OS command injection (CVSS 10.0). Actively exploited in the wild. Update to R10.5.2, R10.6.2, or R10.7.1 immediately.

Actively exploited in the wild - CVE-2026-10520 is a critical OS command injection vulnerability in Ivanti Sentry before versions R10.5.2, R10.6.2, and R10.7.1 that grants unauthenticated attackers root-level remote code execution on the appliance. Patched versions are available - upgrade immediately to block active exploitation.

Overview

CVE-2026-10520 is a pre-authentication OS command injection vulnerability in Ivanti Sentry, a network security gateway appliance. The flaw resides in a web-accessible component that fails to sanitize user-supplied input before passing it to the operating system shell. A remote attacker can send a crafted HTTP request to the vulnerable endpoint and execute arbitrary operating system commands as the root user, completely compromising the appliance.

This vulnerability carries the maximum CVSS v3.1 base score of 10.0 (Critical) because it is remotely exploitable over the network without authentication, user interaction, or any special privileges. The entire management and forwarding plane of the Sentry appliance is at risk.

Affected Versions

Ivanti Sentry versions prior to:

  • R10.5.2
  • R10.6.2
  • R10.7.1

Active Exploitation Status

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-10520 to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in real-world attacks. The EPSS model estimates a 3.3% probability of exploitation in the next 30 days, which is significantly elevated. Organizations should treat this as an immediate and ongoing threat.

Impact

Successful exploitation gives a remote, unauthenticated attacker full root-level control of the Ivanti Sentry appliance. An attacker can:

  • Extract or modify all network traffic passing through the appliance
  • Deploy persistent backdoors or malware
  • Pivot to internal networks protected by the Sentry gateway
  • Disrupt critical network connectivity
  • Access stored credentials and configuration secrets

Remediation

Ivanti has released fixed versions R10.5.2, R10.6.2, and R10.7.1. The immediate action is to upgrade to the respective patched version based on your current release branch.

If immediate patching is not possible, restrict network access to the Sentry management interface to trusted internal IP addresses only. Disable any unnecessary web-based management interfaces. Monitor for suspicious HTTP requests targeting the vulnerable endpoint.
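The remediation above depends on which release branch an appliance is on: R10.5.x must reach R10.5.2, R10.6.x must reach R10.6.2, and R10.7.x must reach R10.7.1. The following is an added triage helper, not Ivanti's or this advisory's own code; it assumes version strings of the form `R10.6.1` and, as an assumption, sends branches older than R10.5 to the nearest fixed release and treats branches newer than R10.7 as outside the listed affected range.

```python
import re
from typing import NamedTuple, Optional

# Fixed release per affected branch, as listed in the advisory.
FIXED_BY_BRANCH = {
    (10, 5): (10, 5, 2),
    (10, 6): (10, 6, 2),
    (10, 7): (10, 7, 1),
}
OLDEST_FIXED_BRANCH = (10, 5)

_VERSION_RE = re.compile(r"^R?(\d+)\.(\d+)\.(\d+)$")


class Triage(NamedTuple):
    host: str
    version: str
    vulnerable: bool
    target: Optional[str]  # release to upgrade to; None when no action is needed


def parse_version(text: str) -> tuple:
    """Parse an Ivanti Sentry version string such as 'R10.6.1' into (10, 6, 1)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) for g in m.groups())


def fmt(v: tuple) -> str:
    return "R" + ".".join(str(x) for x in v)


def assess(host: str, version: str) -> Triage:
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED_BY_BRANCH:
        fixed = FIXED_BY_BRANCH[branch]
        if v >= fixed:
            return Triage(host, version, False, None)
        return Triage(host, version, True, fmt(fixed))
    if branch < OLDEST_FIXED_BRANCH:
        # Older branch with no in-branch fix listed: assumption is to move to the nearest fixed release.
        return Triage(host, version, True, fmt(FIXED_BY_BRANCH[OLDEST_FIXED_BRANCH]))
    # Newer than R10.7: assumed outside the affected range the advisory lists.
    return Triage(host, version, False, None)


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    for t in [assess("sentry-dc1", "R10.6.1"), assess("sentry-dmz", "10.5.2"), assess("sentry-lab", "R10.4.3")]:
        print(f"{t.host:12} {t.version:9} {'UPGRADE to ' + t.target if t.vulnerable else 'ok'}")
```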

Security Insight

This vulnerability follows a pattern seen in other Ivanti product flaws - an OS command injection that bypasses authentication on a perimeter device. The CVSS 10.0 rating and the CISA KEV designation underscore that unauthenticated RCE on edge appliances represents one of the highest classes of risk in enterprise networks. Organizations running Ivanti Sentry should treat this as a critical incident requiring immediate patching, as the window between disclosure and active exploitation appears to have already closed.

Public PoC References

Unverified third-party code

These repositories are publicly listed on GitHub and have not been audited by Yazoul Security. They may contain malware, backdoors, destructive payloads, or operational security risks (telemetry, exfiltration). Treat them as hostile binaries. Inspect source before execution. Run only in isolated, disposable lab environments (offline VM, no credentials, no production data).

Authorized use only. This information is provided for defensive research, detection engineering, and patch validation. Using exploit code against systems you do not own or do not have explicit written permission to test is illegal in most jurisdictions and violates Yazoul's terms of use.

Repositories (GitHub stars in parentheses):

  • watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523 (★ 7)
  • 0xBlackash/CVE-2026-10520 (★ 2)

Showing 2 of 2 known references. Source: nomi-sec/PoC-in-GitHub.

Nuclei Detection Templates

Detection template available — your exposure is being scanned

The templates below are YAML signatures for the Nuclei scanner from ProjectDiscovery. They are not exploit code — they are detection rules that confirm whether a target is vulnerable. The presence of a Nuclei template means every bug bounty hunter, AppSec team, red team, and reconnaissance pipeline on the public internet is actively probing for this CVE.

Assume your exposed instances have already been touched. Patch immediately even if no exploitation is observed yet — fingerprinting precedes exploitation by days at most.

Template source:

  • CVE-2026-10520.yaml

1 Nuclei template indexed for this CVE. Source: projectdiscovery/nuclei-templates.
