An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.Referenceshttps://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/
