497 matches found
GeoServer 2.25.1 Code Injection
Title: GeoServer 2.25.1 Code Injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.2 64 bits...
Exploit for Code Injection in Geoserver
CVE-2024-36401 vulnerability graphical exploitation t...
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which w...
Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC
We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China...
Exploit for Code Injection in Geoserver
CVE-2024-36401-PoC Proof-of-Concept Exploit for CVE-2024-36401...
Critical GeoServer Vulnerability Exploited in Global Malware Campaign
A critical GeoServer vulnerability CVE-2024-36401 is being actively exploited, allowing attackers to take control of systems for malware...
GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug...
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
Summary: GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. Details: GeoNode's GeoServer has the ability to upload new styles for datasets through the datasetstyleupload view. py...
GHSA-MCMC-C59M-PQQ8 GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
Summary: GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. Details: GeoNode's GeoServer has the ability to upload new styles for datasets through the datasetstyleupload view. py...
Exploit for Code Injection in Geoserver
GeoExplorer GeoExplorer is a mass scanner project consisting...
OSGeo GeoServer Installed (Windows)
Binary data osgeogeoserverwininstalled.nbin...
GeoServer Jai-EXT RCE (CVE-2022-24816)
Binary data geoserverjaiextCVE-2022-24816.nbin...
OSGeo GeoServer RCE (CVE-2024-36401)
The version of OSGeo GeoServer installed on the remote host is affected by a remote code execution vulnerability, as follows: - Multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to...
Exploit for Code Injection in Geoserver
CVE-2024-36401-PoC This repository contains a Proof of Conce...
GeoServer Remote Code Execution
GeoServer versions 2.23.6, 2.24.0 2.24.4, 2.25.0 2.25.2 are affected by a vulnerability allowing a remote unauthenticated attacker to execute arbitrary code via a specially forged request due to unsafely evaluating property names as XPath expressions. No source data...
Exploit for Code Injection in Geoserver
GeoServer Exploit for CVE-2024-36401 Description...
OSGeo GeoServer Service Detection
Binary data osgeogeoserverservicedetect.nbin...
The vulnerability of the GeoWebCache ByteStreamController component in the software for administrative and publishing of geospatial data on the OSGeo GeoServer server allows a perpetrator to circumvent existing security restrictions.
The vulnerability of the GeoWebCache ByteStreamController component in the software for administrative and publishing of geospatial data on the OSGeo GeoServer server is related to an incorrect limitation on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious...
OSGeo GeoServer Installed (Linux / Unix)
Binary data osgeogeoservernixinstalled.nbin...
A week in security (July 15 – July 21)
Last week on Malwarebytes Labs: CrowdStrike update at center of Windows "Blue Screen of Death" outage Number of data breach victims goes up 1,000% Gen Z breakups tainted by login abuse for spying and stalking, research shows Rite Aid says 2.2 million people affected in data breach AI device Rabbi...