
Exploit for JetBrains TeamCity < 2023.11.4 - Authentication Bypass (CVE-2024-27198)

Description:

In JetBrains TeamCity before 2023.11.4, an authentication bypass was possible that allowed admin actions to be performed.

Affected Products:

Proof of Concept

PoC exploit

Nuclei Template

View the template here: CVE-2024-27198.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-27198.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-27198
https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
https://github.com/rampantspark/CVE-2024-27198