CVE-2020-10199

Description

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).

NVD
Severity: HIGH
CVE ID: CVE-2020-10199
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2020-10199

Refrence: Project Discovery GitHub

wsfengfan

CVE-2020-10199 CVE-2020-10204 Python POC

Refrence: GitHub

jas502n

CVE-2020-10199、CVE-2020-10204、CVE-2020-11444

Refrence: GitHub

magicming200

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

Refrence: GitHub

zhzyker

CVE-2020-10199 Nexus <= 3.21.1 远程代码执行脚本(有回显)

Refrence: GitHub

aleenzz

CVE-2020-10199 回显版本

Refrence: GitHub

hugosg97

Sonatype Nexus 3.21.01 - Remote Code Execution (Authenticated - Updated)

Refrence: GitHub

Content on GitHub

zhzyker | watchers:4026

exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Refrence: GitHub

Description​

Proof Of Concept​

Content on GitHub​

Description

Proof Of Concept

Content on GitHub