
The recently announced CVE-2024-36401 describes a vulnerability in GeoServer. GeoServer is an open-source server written in Java that provides the ability to view, edit, and share geospatial data. It is designed to be a flexible, efficient solution for distributing geospatial data from a variety of sources such as Geographic Information System (GIS) databases, web-based data, and personal datasets.

Multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.

Affected versions:

>= 2.24.0, < 2.24.4
>= 2.25.0, < 2.25.2
< 2.23.6
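
As an added example (not part of the original post or of the Metasploit module), this Python helper triages an inventory of GeoServer version strings against the affected ranges listed above. The host names and version strings are constructed sample data, and treating a missing patch number (as in `2.25-SNAPSHOT`) as 0 is an assumption chosen so that such builds are flagged.

```python
import re

# Affected ranges as listed on this page:
# (inclusive lower bound or None, exclusive upper bound).
AFFECTED_RANGES = [
    (None, (2, 23, 6)),
    ((2, 24, 0), (2, 24, 4)),
    ((2, 25, 0), (2, 25, 2)),
]


def parse_version(text):
    """Return (major, minor, patch) from '2.24.3' or '2.25-SNAPSHOT'."""
    match = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not match:
        raise ValueError(f"unrecognised GeoServer version: {text!r}")
    # Assumption: a missing patch component counts as 0.
    return tuple(int(part or 0) for part in match.groups())


def first_fixed(version):
    """Return the upper bound of the affected range holding version, else None."""
    for low, high in AFFECTED_RANGES:
        if (low is None or version >= low) and version < high:
            return high
    return None


def triage(inventory):
    """Map each host to a short status string for patch planning."""
    report = {}
    for host, raw in inventory.items():
        try:
            fixed = first_fixed(parse_version(raw))
        except ValueError:
            report[host] = "unknown version, check manually"
            continue
        if fixed is None:
            report[host] = "not in an affected range"
        else:
            report[host] = "AFFECTED, range ends at " + ".".join(map(str, fixed))
    return report


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical host names).
    sample = {"gis-a": "2.24.3", "gis-b": "2.25.2", "gis-c": "2.22.1",
              "gis-d": "2.25-SNAPSHOT", "gis-e": "n/a"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```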

I created a Metasploit module exploit/multi/http/geoserver_unauth_rce_cve_2024_36401 that has been released in the main stream of Metasploit.

See also Metasploit-weekly-wrap-up-7-19-2024
