Back to directory

WRITEUP #483

Jumpserver Preauth RCE Exploit Chain

RCEPassword resetAuthentication bypassPath traversalCryptographic issuesSecurity code review

by@edwardzpeng(zhiniang peng)

Program

JumpServer

Published

Jan 31, 2024

Added to HackDex

Feb 6, 2024

Read Full Writeuphttps://sites.google.com/site/zhiniangpeng/blogs/Jumpserver

▸ RELATED WRITEUPS

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE WriteDataFile Primitive (CVE-2024-4883)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive (CVE-2024-4885)

RCEPath traversal

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Built with ❤️ by Shubham Rawat