[rootsenpai]

GeoServer is an open-source Java-based software server that enables users to view, edit, and share geospatial data. It offers a versatile and efficient solution for distributing geospatial information from various sources such as GIS databases, web-based data, and personal datasets.

In versions of GeoServer earlier than 2.23.2, 2.23.6, versions 2.24.0 to 2.24.3, and version 2.25.0, there exists a vulnerability (CVE-2024-36401) that permits Remote Code Execution (RCE) by unauthenticated users. This issue arises from the unsafe evaluation of property names as XPath expressions in multiple OGC request parameters.

Exploiting this vulnerability, an attacker can send a POST request containing a malicious XPath expression, which can result in arbitrary command execution as root on the system running GeoServer.

cheersssssssssssssss

[goforitnow]

hope it work thanks .

[xenocyd]

oh nice 1!! thanks for sharing

[kaliyugnepali11]

Thank you bro for the tool you have provded to me

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.

[racun0tak]

nice, I need to knoww this

[mrdot457]

fgggggggggggggggggggggggggggggggggggggggggggggggs

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Spamming | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[NotSynz]

Well, lets se what is behind

[Breach_Forums]

Thanks so much bro, this is a very useful tutorial.

[Hawx01]

thank you for sharing this

[b19dr3am]

Good information, thanks for sharing my brother