Showing 1 - 2 of 2

CVE-2024-27198

Status Candidate

Overview

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible

JetBrains TeamCity Unauthenticated Remote Code Execution: Posted Mar 14, 2024; Authored by sfewer-r7 | Site metasploit.com; This Metasploit module exploits an authentication bypass vulnerability in JetBrains TeamCity. An unauthenticated attacker can leverage this to access the REST API and create a new administrator access token. This token can be used to upload a plugin which contains a Metasploit payload, allowing the attacker to achieve unauthenticated remote code execution on the target TeamCity server. On older versions of TeamCity, access tokens do not exist so the exploit will instead create a new administrator account before uploading a plugin. Older versions of TeamCity have a debug endpoint (/app/rest/debug/process) that allows for arbitrary commands to be executed, however recent version of TeamCity no longer ship this endpoint, hence why a plugin is leveraged for code execution instead, as this is supported on all versions tested.; tags | exploit, remote, arbitrary, code execution, bypass; advisories | CVE-2024-27198; SHA-256 | 68370990799fd1605fae05ac9ac3f36fd6659508fbfeef67d22e3cf720e8fa87; Download | Favorite | View

JetBrains TeamCity Authentication Bypass / Remote Code Execution: Posted Mar 6, 2024; Authored by W01fh4cker | Site github.com; JetBrains TeamCity versions prior to 2023.11.4 remote authentication bypass exploit that can be leveraged for user addition and remote code execution.; tags | exploit, remote, code execution; advisories | CVE-2024-27198; SHA-256 | 1eb2994a182c4436527b7e141ca0fa83da6821b9a33465277fc30e0e77a404f3; Download | Favorite | View

Page 1 of 1 Back 1 Next