Skip to content

Commit bd681f8

Browse files
msjenkins-r7msjenkins-r7
committed
automatic module_metadata_base.json update
1 parent fa734b5 commit bd681f8

File tree

1 file changed

+7
-6
lines changed

1 file changed

+7
-6
lines changed

db/modules_metadata_base.json

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -102029,17 +102029,19 @@
102029102029
"author": [
102030102030
"h00die-gr3y <[email protected]>",
102031102031
"jheysel-r7",
102032-
"Steve Ikeoka"
102032+
"Steve Ikeoka",
102033+
"Valentin Lobstein a.k.a chocapikk"
102033102034
],
102034102035
"description": "GeoServer is an open-source software server written in Java that provides\n the ability to view, edit, and share geospatial data.\n It is designed to be a flexible, efficient solution for distributing geospatial data\n from a variety of sources such as Geographic Information System (GIS) databases,\n web-based data, and personal datasets.\n In the GeoServer versions < 2.23.6, >= 2.24.0, < 2.24.4 and >= 2.25.0, < 2.25.1,\n multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users\n through specially crafted input against a default GeoServer installation due to unsafely\n evaluating property names as XPath expressions.\n An attacker can abuse this by sending a POST request with a malicious xpath expression\n to execute arbitrary commands as root on the system.",
102035102036
"references": [
102036102037
"CVE-2024-36401",
102037102038
"URL-https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv",
102038102039
"URL-https://github.com/vulhub/vulhub/tree/master/geoserver/CVE-2024-36401",
102039-
"URL-https://attackerkb.com/topics/W6IDY2mmp9/cve-2024-36401"
102040+
"URL-https://attackerkb.com/topics/W6IDY2mmp9/cve-2024-36401",
102041+
"URL-https://github.com/Chocapikk/CVE-2024-36401"
102040102042
],
102041-
"platform": "Linux,Unix",
102042-
"arch": "cmd, x86, x64, aarch64, armle",
102043+
"platform": "Linux,Unix,Windows",
102044+
"arch": "cmd",
102043102045
"rport": 8080,
102044102046
"autofilter_ports": [
102045102047
80,
@@ -102058,10 +102060,9 @@
102058102060
],
102059102061
"targets": [
102060102062
"Unix Command",
102061-
"Linux Dropper",
102062102063
"Windows Command"
102063102064
],
102064-
"mod_time": "2024-07-16 11:20:35 +0000",
102065+
"mod_time": "2024-08-16 09:39:38 +0000",
102065102066
"path": "/modules/exploits/multi/http/geoserver_unauth_rce_cve_2024_36401.rb",
102066102067
"is_install_path": true,
102067102068
"ref_name": "multi/http/geoserver_unauth_rce_cve_2024_36401",

0 commit comments

Comments
 (0)