GitHub - rampantspark/CVE-2024-27198: A PoC for CVE-2024-27198 written in golang

CVE-2024-27198

Auth bypass for TeamCity Server version 2023.11.3 and below.

NIST: https://nvd.nist.gov/vuln/detail/CVE-2024-27198

Rapid7 blog post: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/

Example Usage

go run CVE-2024-27198.go -h
  -s string
    	TeamCity Server
  -p string
    	New admin password
  -u string
    	New admin username
  -proxy
        Proxy URL (optional)

go run CVE-2024-27198.go -s http://IP_OR_FQDN:PORT -u new_admin_username -p new_admin_password -proxy http://IP_OR_FQDN:PORT

*Please Refer to https://github.com/yoryio/CVE-2024-27198 for instructions on setting up a lab environment.

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
CVE-2024-27198.go		CVE-2024-27198.go
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2024-27198

Auth bypass for TeamCity Server version 2023.11.3 and below.

Example Usage

About

Releases

Packages

Languages

rampantspark/CVE-2024-27198

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-27198

Auth bypass for TeamCity Server version 2023.11.3 and below.

Example Usage

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages