by @jakaba
12 Jul 2024

GeoServer RCE (CVE-2024-36401)

CVEs

CVE-2024-36401: 9.8 Critical Severity

Apps

GeoTools: 29.6.*, 29.4.*, 29.3.*, 29.5.*, 27.4.*, 27.3.*, 25.7.*, 28.5.*, 28.3.*, 25.5.*
GeoServer: *.BETA4, 2.24.3.*, 2.24.4.*, 2.18.6.*, 2.18.5.*, 2.18.2.*, 2.16.5.*, 2.20.6.*, 2.24.2.*, 2.22.3.*


Summary

CVE-2024-36401 is an unauthenticated remote code execution vulnerability in GeoServer. GeoServer relies on the GeoTools library API to evaluate the property (attribute) names of feature types, and GeoTools passes those names unsafely to the commons-jxpath library, which interprets them as XPath expressions. Because commons-jxpath can invoke arbitrary Java methods while evaluating an XPath expression, an attacker who controls an attribute name in an OGC request can run code on the server. Every request type that accepts a property name reaches the vulnerable code path (WFS GetFeature and GetPropertyValue, WMS GetMap, GetFeatureInfo and GetLegendGraphic, and WPS Execute), so no credentials are needed. Upstream fixed the issue in GeoServer 2.23.6, 2.24.4 and 2.25.2 and in GeoTools 29.6, 30.4 and 31.2; deployments that cannot upgrade should treat any attribute-name parameter containing XPath syntax as hostile.
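The distinctive trait of this bug is that a parameter which should only ever carry a plain attribute name is evaluated as XPath. The Python below is an added example, not code from this post or from the GeoServer or GeoTools projects: it scans constructed access-log lines for WFS propertyName and valueReference values that contain XPath syntax. The parameter names it watches, the combined-log layout it assumes and the marker list are assumptions chosen for illustration, not a complete signature for the vulnerability.

```python
"""Added example: flag OGC requests whose attribute-name parameters carry
XPath syntax. Not code from the post or from GeoServer/GeoTools."""
import re
from urllib.parse import urlsplit, parse_qsl

# Request parameters that carry feature-type attribute names (assumption:
# propertyName for WFS GetFeature, valueReference for WFS GetPropertyValue).
# Filter parameters (cql_filter, filter) are deliberately left out: they
# legitimately contain parentheses and operators and need a real parser.
NAME_PARAMS = {"propertyname", "valuereference"}

# A plain attribute name: identifier with optional namespace prefix,
# optionally followed by '/'-separated steps (e.g. the_geom/gml:Polygon).
PLAIN_NAME = re.compile(r"^[A-Za-z_][\w.:-]*(/[A-Za-z_][\w.:-]*)*$")

# Syntax that has no business in a bare attribute name but is needed to
# build an XPath expression (function calls, predicates, variables,
# wildcards), plus a few strings specific to jxpath Java method calls.
XPATH_MARKERS = re.compile(r"[()\[\]@$*]|\bexec\b|getRuntime|java\.lang", re.I)


def suspicious_values(url):
    """Return (param, value) pairs whose value should be a plain
    attribute name but looks like an XPath expression."""
    hits = []
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if key.lower() not in NAME_PARAMS:
            continue
        if XPATH_MARKERS.search(value):
            # Keep the whole value: splitting an expression on ',' would
            # only obscure what was actually sent.
            hits.append((key, value))
            continue
        # Several names may be comma-separated; check each one.
        for name in value.split(","):
            name = name.strip()
            if name and not PLAIN_NAME.match(name):
                hits.append((key, name))
    return hits


def scan_log(lines):
    """Apply suspicious_values to combined-format access-log lines
    (assumed layout: ... "GET /path?query HTTP/1.1" ...). Returns
    (line_number, param, value) tuples for every suspicious value."""
    findings = []
    for number, line in enumerate(lines, 1):
        for token in line.split():
            if token.startswith("/"):
                for key, value in suspicious_values(token):
                    findings.append((number, key, value))
    return findings


# Constructed sample lines, not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Jul/2024:10:00:01 +0000] "GET /geoserver/wfs?service=WFS'
    '&version=1.0.0&request=GetFeature&typeName=topp:states'
    '&propertyName=STATE_NAME,PERSONS HTTP/1.1" 200 5120',
    '10.0.0.5 - - [12/Jul/2024:10:00:02 +0000] "GET /geoserver/wfs?service=WFS'
    '&version=2.0.0&request=GetPropertyValue&typeNames=topp:states'
    '&valueReference=the_geom/gml:Polygon HTTP/1.1" 200 800',
    '198.51.100.7 - - [12/Jul/2024:10:00:03 +0000] "GET /geoserver/wfs?service=WFS'
    '&version=2.0.0&request=GetPropertyValue&typeNames=topp:states'
    '&valueReference=exec(java.lang.Runtime.getRuntime(),%27id%27) HTTP/1.1" 500 120',
]

if __name__ == "__main__":
    for number, key, value in scan_log(SAMPLE_LOG):
        print(f"line {number}: {key}={value!r}")
```

Only the third sample line is reported; the legitimate comma-separated list and the nested GML path pass as plain names. Percent-encoded payloads are decoded by parse_qsl before matching, so encoding the parentheses does not evade the check.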

Description
