by @jakaba
12 Jul 2024

GeoServer RCE (CVE-2024-36401)

by @jakaba
12 Jul 2024

GeoServer RCE (CVE-2024-36401)

CVEs

9.8 Critical Severity

Apps

G
GeotoolsGeotools
29.6.*
29.4.*
29.3.*
29.5.*
27.4.*
27.3.*
25.7.*
28.5.*
28.3.*
25.5.*
Geoserver
GeoserverGeoserver
*.BETA4
2.24.3.*
2.24.4.*
2.18.6.*
2.18.5.*
2.18.2.*
2.16.5.*
2.20.6.*
2.24.2.*
2.22.3.*

Screenshots from the blog posts

images/clyinfknzgc5p1gn6d5v354n1.jpgimages/clyinfknzgc5p1gn6d5v354n1.jpg

Summary

The GeoServer RCE vulnerability (CVE-2024-36401) arises from an insecure manner in which the GeoTools library API, utilized by GeoServer, passes attribute names of element types to the commons-jxpath library.

Description

users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

64.3K

Social media links

Comments (0)