CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
99.5%
This week, contributor h00die-gr3y added an interesting exploit module that targets the GeoServer open-source application. This software is used to view, edit, and share geospatial data. Versions prior to 2.23.6, versions between 2.24.0 and 2.24.3 and versions between 2.25.0 and 2.25.1 are unsafely evaluating property names as XPath expressions, which can lead to unauthenticated remote code execution. This vulnerability is identified as CVE-2024-36401, and affects all GeoServer instances. This has been confirmed to be exploitable through WFS GetFeature, WFS GetPropertyValue, WMS GetMap, WMS GetFeatureInfo, WMS GetLegendGraphic, and WPS Execute requests.
Authors: Steve Ikeoka, h00die-gr3y, and jheysel-r7 **Type:**Exploit Pull request:#19311 contributed by h00die-gr3y Path:multi/http/geoserver_unauth_rce_cve_2024_36401
AttackerKB reference: CVE-2024-36401
Description: This adds an exploit module for CVE-2024-36401, an unauthenticated RCE vulnerability in GeoServer versions prior to 2.23.6, between version 2.24.0 and 2.24.3 and in version 2.25.0, 2.25.1.
TARGETURI
description for the geoserver_unauth_rce_cve_2024_36401
module.rpc.call('session.compatible_modules', -1)
.You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from GitHub:
If you are a git
user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro.
Be the first to learn about the latest vulnerabilities and cybersecurity news.
Subscribe Now
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
99.5%