CVE-2019-5475

Severity: HIGH (lab available)

Sonatype Nexus Repository Manager < 2.14.9-01 - OS Command Injection

Title source: rule

Description

The Nexus Yum Repository Plugin in Nexus Repository Manager 2.x is vulnerable to remote code execution. Values supplied through the Yum Configuration Capability are passed to CommandLineExecutor.java, which builds and runs an OS command from them without neutralizing shell metacharacters (CWE-78), so an authenticated user with rights to edit that capability can inject arbitrary commands that execute with the privileges of the Nexus service account.
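The following is an added illustration of the bug class, written for this page in Python; it is not the plugin's Java code and not taken from any of the PoC repositories listed here. It models an operator-supplied helper-binary path (the kind of setting a capability like the Yum Configuration Capability carries; treating that setting as a path is an assumption for the example) being interpolated into a shell command line, beside a hardened version that validates the setting and executes it as an argv list with no shell. The allow-listed directories and the `--update` flag are assumptions, chosen so the example runs offline against `/bin/echo`.

```python
import os
import re
import subprocess

# Assumption for this example: helper binaries may only live in these
# directories. A real deployment would pin exact, operator-reviewed paths.
ALLOWED_BIN_DIRS = ("/bin", "/usr/bin", "/usr/local/bin")

# Conservative path alphabet: absolute, no whitespace, no shell metacharacters.
SAFE_PATH = re.compile(r"^/[A-Za-z0-9._/-]+$")


def run_vulnerable(helper_path: str, repo_dir: str) -> str:
    """The CWE-78 shape behind CVE-2019-5475: a configuration value is
    interpolated into one command string that a shell then parses. A value
    such as '/bin/echo x; id' makes the shell run 'id' as a second command
    under the service account. Returns the captured stdout."""
    cmd = f"{helper_path} --update {repo_dir}"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


def validate_helper_path(path: str) -> str:
    """Accept only a plain absolute path to an executable inside an
    allow-listed directory; return the resolved path or raise ValueError."""
    if not SAFE_PATH.match(path):
        raise ValueError(f"helper path contains disallowed characters: {path!r}")
    resolved = os.path.realpath(path)
    if os.path.dirname(resolved) not in ALLOWED_BIN_DIRS:
        raise ValueError(f"helper must live in {ALLOWED_BIN_DIRS}: {resolved!r}")
    if not os.access(resolved, os.X_OK):
        raise ValueError(f"helper is not executable: {resolved!r}")
    return resolved


def is_accepted(path: str) -> bool:
    """True if validate_helper_path() would accept the setting."""
    try:
        validate_helper_path(path)
        return True
    except ValueError:
        return False


def run_hardened(helper_path: str, repo_dir: str) -> str:
    """Validate the setting first, then exec with an argv list and no shell:
    the path can only ever be argv[0], never a second command. repo_dir is
    passed as a single argument, so metacharacters in it are inert too
    (it should still be validated against the repository root in real code).
    Returns the captured stdout."""
    helper = validate_helper_path(helper_path)
    proc = subprocess.run([helper, "--update", repo_dir],
                          shell=False, capture_output=True, text=True)
    return proc.stdout


if __name__ == "__main__":
    # Constructed malicious setting: a valid binary followed by an injected command.
    payload = "/bin/echo x; echo INJECTED"
    print("vulnerable:", run_vulnerable(payload, "/tmp/repo").strip())
    print("hardened accepts payload?", is_accepted(payload))
    print("hardened with clean path:", run_hardened("/bin/echo", "/tmp/repo").strip())
```

The vulnerable function echoes `INJECTED` because `/bin/sh` splits the string at `;`; the hardened function rejects the same value before anything runs, and even a value that slipped past validation would be looked up as a single filename rather than parsed as a command line.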

Exploits (4)

- jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager- (nomisec, working PoC, 7 stars): https://github.com/jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager-
- EXP-Docs/CVE-2019-5475 (nomisec, working PoC, 4 stars): https://github.com/EXP-Docs/CVE-2019-5475
- rabbitmask/CVE-2019-5475-EXP (nomisec, working PoC, 4 stars): https://github.com/rabbitmask/CVE-2019-5475-EXP
- lyy289065406/cve-2019-5475 (inthewild, working PoC): https://github.com/lyy289065406/cve-2019-5475

Scores

CVSS v3 8.8
EPSS 0.7960
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Lab Environment

Community Lab
docker pull sonatype/nexus:2.14.9-01
docker pull sonatype/nexus:2.14.14-01

Details

CWE
CWE-78
Status published
Products (2)
org.sonatype.nexus.plugins/nexus-yum-repository-plugin 0 - 2.14.14 (Maven)
sonatype/nexus_repository_manager 2.0 - 2.14.9-01
Published Sep 03, 2019
Tracked Since Feb 18, 2026