.. / CVE-2024-23917

Exploit for JetBrains TeamCity < 2023.11.3 - Authentication Bypass (CVE-2024-23917)

Description:

In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible

Affected Products:

Proof of Concept

PoC exploit

Nuclei Template

View the template here CVE-2024-23917.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-23917.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-23917
https://github.com/fkie-cad/nvd-json-data-feeds
https://www.rapid7.com/db/vulnerabilities/jetbrains-teamcity-cve-2024-23917/