Exploit for #VU26533 Code Injection in Nexus Repository Manager
Vulnerability identifier: #VU26533
Vulnerability risk: High
CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-94
Exploitation vector: Network
Exploits in database: 10
- June 14, 2023
- June 17, 2021
- January 18, 2021
- poc (CVE-2020-14882) [Github]
- June 3, 2020
- CVE-2020-10199-10204 (CVE-2020-10199 CVE-2020-10204 Python POC) [Github]
- CVE-2020-10199 (CVE-2020-10199、CVE-2020-10204、CVE-2020-11444) [Github]
- CVE-2020-10199_CVE-2020-10204 (CVE-2020-10199、CVE-2020-10204漏洞一键检测工具,图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.) [Github]
- CVE-2020-10199 (CVE-2020-10199 回显版本) [Github]
- CVE-2020-10199_POC-EXP (CVE-2020-10199 Nexus <= 3.21.1 远程代码执行脚本(有回显)) [Github]
- April 16, 2020
- Nexus Repository Manager Java EL Injection RCE [Metasploit]
Impact: Code execution
Vulnerable software:
Nexus Repository Manager
Server applications /
Other server solutions
Vendor: Sonatype Inc.
