[ { "id": 824152890, "name": "CVE-2024-36401", "full_name": "bigb0x\/CVE-2024-36401", "owner": { "login": "bigb0x", "id": 13532434, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", "html_url": "https:\/\/github.com\/bigb0x", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36401", "description": "POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.", "fork": false, "created_at": "2024-07-04T13:19:47Z", "updated_at": "2024-12-06T09:40:42Z", "pushed_at": "2024-07-04T19:18:04Z", "stargazers_count": 32, "watchers_count": 32, "has_discussions": false, "forks_count": 18, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 18, "watchers": 32, "score": 0, "subscribers_count": 1 }, { "id": 824386148, "name": "CVE-2024-36401", "full_name": "Niuwoo\/CVE-2024-36401", "owner": { "login": "Niuwoo", "id": 57100441, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4", "html_url": "https:\/\/github.com\/Niuwoo", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Niuwoo\/CVE-2024-36401", "description": "POC", "fork": false, "created_at": "2024-07-05T03:02:30Z", "updated_at": "2024-11-20T16:30:53Z", "pushed_at": "2024-07-05T03:05:39Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 824643210, "name": "CVE-2024-36401", "full_name": "RevoltSecurities\/CVE-2024-36401", "owner": { "login": "RevoltSecurities", "id": 119435129, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", "html_url": "https:\/\/github.com\/RevoltSecurities", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-36401", "description": "Exploiter a Vulnerability detection and Exploitation tool for GeoServer Unauthenticated Remote Code Execution CVE-2024-36401.", "fork": false, "created_at": "2024-07-05T15:24:50Z", "updated_at": "2024-07-20T21:01:18Z", "pushed_at": "2024-07-05T15:33:09Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 824794128, "name": "CVE-2024-36401", "full_name": "Mr-xn\/CVE-2024-36401", "owner": { "login": "Mr-xn", "id": 18260135, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", "html_url": "https:\/\/github.com\/Mr-xn", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36401", "description": "Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit", "fork": false, "created_at": "2024-07-06T01:10:28Z", "updated_at": "2024-12-18T15:53:25Z", "pushed_at": "2024-07-06T01:57:58Z", "stargazers_count": 44, "watchers_count": 44, "has_discussions": false, "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve", "cve-2024-36401", "geoserver", "poc", "rce", "vulnerabilities" ], "visibility": "public", "forks": 6, "watchers": 44, "score": 0, "subscribers_count": 1 }, { "id": 827686717, "name": "CVE-2024-36401-GeoServer-RCE", "full_name": "jakabakos\/CVE-2024-36401-GeoServer-RCE", "owner": { "login": "jakabakos", "id": 42498816, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", "html_url": "https:\/\/github.com\/jakabakos", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-36401-GeoServer-RCE", "description": null, "fork": false, "created_at": "2024-07-12T07:01:12Z", "updated_at": "2024-07-12T07:07:18Z", "pushed_at": "2024-07-12T07:07:14Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 829775784, "name": "geoserver-", "full_name": "ahisec\/geoserver-", "owner": { "login": "ahisec", "id": 3255339, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3255339?v=4", "html_url": "https:\/\/github.com\/ahisec", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/ahisec\/geoserver-", "description": "geoserver CVE-2024-36401漏洞利用工具", "fork": false, "created_at": "2024-07-17T02:25:21Z", "updated_at": "2025-01-14T08:01:08Z", "pushed_at": "2024-07-24T15:33:03Z", "stargazers_count": 17, "watchers_count": 17, "has_discussions": false, "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 4, "watchers": 17, "score": 0, "subscribers_count": 0 }, { "id": 835900082, "name": "CVE-2024-36401", "full_name": "Chocapikk\/CVE-2024-36401", "owner": { "login": "Chocapikk", "id": 88535377, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", "html_url": "https:\/\/github.com\/Chocapikk", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-36401", "description": "GeoServer Remote Code Execution", "fork": false, "created_at": "2024-07-30T18:43:40Z", "updated_at": "2024-12-26T04:35:42Z", "pushed_at": "2024-08-02T14:57:26Z", "stargazers_count": 77, "watchers_count": 77, "has_discussions": false, "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 12, "watchers": 77, "score": 0, "subscribers_count": 1 }, { "id": 836929821, "name": "CVE-2024-36401-PoC", "full_name": "yisas93\/CVE-2024-36401-PoC", "owner": { "login": "yisas93", "id": 115517295, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115517295?v=4", "html_url": "https:\/\/github.com\/yisas93", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/yisas93\/CVE-2024-36401-PoC", "description": null, "fork": false, "created_at": "2024-08-01T21:22:51Z", "updated_at": "2024-08-01T21:30:07Z", "pushed_at": "2024-08-01T21:30:04Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 848340676, "name": "geoexplorer", "full_name": "justin-p\/geoexplorer", "owner": { "login": "justin-p", "id": 8249280, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4", "html_url": "https:\/\/github.com\/justin-p", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/justin-p\/geoexplorer", "description": "Mass scanner for CVE-2024-36401", "fork": false, "created_at": "2024-08-27T15:28:04Z", "updated_at": "2024-10-23T10:07:20Z", "pushed_at": "2024-08-27T16:16:15Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 856852823, "name": "CVE-2024-36401-PoC", "full_name": "daniellowrie\/CVE-2024-36401-PoC", "owner": { "login": "daniellowrie", "id": 19762230, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19762230?v=4", "html_url": "https:\/\/github.com\/daniellowrie", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/daniellowrie\/CVE-2024-36401-PoC", "description": "Proof-of-Concept Exploit for CVE-2024-36401 GeoServer 2.25.1", "fork": false, "created_at": "2024-09-13T10:28:48Z", "updated_at": "2024-10-12T17:59:41Z", "pushed_at": "2024-09-26T13:20:32Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 864563382, "name": "GeoServer-CVE-2024-36401", "full_name": "punitdarji\/GeoServer-CVE-2024-36401", "owner": { "login": "punitdarji", "id": 38101321, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", "html_url": "https:\/\/github.com\/punitdarji", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/punitdarji\/GeoServer-CVE-2024-36401", "description": "GeoServer CVE-2024-36401: Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions", "fork": false, "created_at": "2024-09-28T14:55:50Z", "updated_at": "2024-09-30T09:00:33Z", "pushed_at": "2024-09-28T14:58:44Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 868038376, "name": "CVE-2024-36401", "full_name": "netuseradministrator\/CVE-2024-36401", "owner": { "login": "netuseradministrator", "id": 96680088, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4", "html_url": "https:\/\/github.com\/netuseradministrator", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2024-36401", "description": "geoserver图形化漏洞利用工具", "fork": false, "created_at": "2024-10-05T10:08:55Z", "updated_at": "2025-01-18T13:03:26Z", "pushed_at": "2024-10-08T03:16:26Z", "stargazers_count": 34, "watchers_count": 34, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 34, "score": 0, "subscribers_count": 1 }, { "id": 872538624, "name": "CVE-2024-36401", "full_name": "kkhackz0013\/CVE-2024-36401", "owner": { "login": "kkhackz0013", "id": 183632565, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183632565?v=4", "html_url": "https:\/\/github.com\/kkhackz0013", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/kkhackz0013\/CVE-2024-36401", "description": null, "fork": false, "created_at": "2024-10-14T15:57:06Z", "updated_at": "2024-10-14T17:16:07Z", "pushed_at": "2024-10-14T17:16:03Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 892410177, "name": "CVE-2024-36401-WoodpeckerPlugin", "full_name": "thestar0\/CVE-2024-36401-WoodpeckerPlugin", "owner": { "login": "thestar0", "id": 97114131, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97114131?v=4", "html_url": "https:\/\/github.com\/thestar0", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/thestar0\/CVE-2024-36401-WoodpeckerPlugin", "description": "CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件", "fork": false, "created_at": "2024-11-22T03:57:12Z", "updated_at": "2024-12-18T20:13:38Z", "pushed_at": "2024-11-23T08:24:26Z", "stargazers_count": 12, "watchers_count": 12, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 12, "score": 0, "subscribers_count": 1 }, { "id": 892655439, "name": "cve-2024-36401-poc", "full_name": "XiaomingX\/cve-2024-36401-poc", "owner": { "login": "XiaomingX", "id": 5387930, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", "html_url": "https:\/\/github.com\/XiaomingX", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-36401-poc", "description": "CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件,主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时,将其不安全地解析为XPath表达式。具体而言,GeoServer调用的GeoTools库API在评估要素类型的属性名称时,以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码,攻击者可以通过构造特定的输入,利用多个OGC请求参数(如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等),在未经身份验证的情况下远程执行任意代码。 ", "fork": false, "created_at": "2024-11-22T14:21:53Z", "updated_at": "2025-01-22T06:18:49Z", "pushed_at": "2024-11-22T14:22:57Z", "stargazers_count": 5, "watchers_count": 5, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 5, "score": 0, "subscribers_count": 1 }, { "id": 895213731, "name": "CVE-2024-36401", "full_name": "0x0d3ad\/CVE-2024-36401", "owner": { "login": "0x0d3ad", "id": 18898977, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", "html_url": "https:\/\/github.com\/0x0d3ad", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-36401", "description": "CVE-2024-36401 (GeoServer Remote Code Execution)", "fork": false, "created_at": "2024-11-27T19:13:49Z", "updated_at": "2024-11-30T19:28:17Z", "pushed_at": "2024-11-30T19:28:14Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 } ]