.. / CVE-2019-7238

Exploit for Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution (CVE-2019-7238)

Description:

Sonatype Nexus Repository Manager before 3.15.0 is susceptible to remote code execution.

Nuclei Template

View the template here CVE-2019-7238.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-7238.yaml

References:

https://github.com/ycdxsb/Exploits
https://nvd.nist.gov/vuln/detail/CVE-2019-7238
https://github.com/jas502n/CVE-2019-7238
https://support.sonatype.com/hc/en-us/articles/360017310793-CVE-2019-7238-Nexus-Repository-Manager-3-Missing-Access-Controls-and-Remote-Code-Execution-February-5th-2019
https://github.com/zhangchi991022/Comprehensive-experiment-of-infomation-security