Vendor: Sonatype (Nexus Repository Manager)
By: Alvaro Muñoz, wvu
CVSS: 8.8 (HIGH)
Vulnerability Type: Java Expression Language (EL) Injection
CWE: 502
Product Name: Nexus Repository Manager
Affected Versions: Nexus Repository Manager <= 3.21.1
Patch Exists: YES
Related CVE: CVE-2020-10199
CPE: a:sonatype:nexus_repository_manager
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Linux, Windows, Mac
Year: 2020
Nexus Repository Manager Java EL Injection RCE
This module exploits a Java Expression Language (EL) injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the operating-system user the Nexus service runs as. The vulnerability is post-authentication, so valid credentials are required to exploit it; any account works, regardless of its privilege level.
Mitigation:
Upgrade to Nexus Repository Manager version 3.21.2 or later
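A practitioner triaging this entry mostly needs one check: is a given Nexus 3 instance still on a release at or below 3.21.1, or already on 3.21.2 or later? The helper below is an added example written for this page; it is not code from the advisory, from Sonatype or from the Metasploit module. It assumes Nexus 3 reports versions in the form `3.21.1-01` (release number plus a build suffix), for instance in a `Server: Nexus/3.21.1-01 (OSS)` header; that header format, the host names and the sample headers are constructed for the example. Comparison is done on integer tuples so that a hypothetical `3.21.10` is not mistaken for an affected release, and non-3.x versions are reported as unknown rather than guessed at, since this entry only covers the 3.x line.

```python
import re
from typing import Dict, Optional, Tuple

# Added example, not code from the page, Sonatype or Metasploit.
# Boundaries taken from the entry above: last affected 3.21.1, first fixed 3.21.2.
LAST_AFFECTED = (3, 21, 1)
FIRST_FIXED = (3, 21, 2)

# Assumption: Nexus 3 reports "x.y.z-NN" (release plus two-digit build number),
# e.g. in a "Server: Nexus/3.21.1-01 (OSS)" header. Only x.y.z matters here.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:-(\d+))?")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) as integers from a version string or
    Server header. Returns None when no x.y.z version is present."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    return (major, minor, patch)


def is_affected(text: str) -> Optional[bool]:
    """True if the text names a Nexus 3.x release <= 3.21.1, False if it names
    3.21.2 or later. None for unparsable input or non-3.x major versions,
    which this advisory does not cover either way."""
    version = parse_version(text)
    if version is None or version[0] != 3:
        return None
    # Tuple comparison is numeric per component, so 3.21.10 > 3.21.1 and
    # 3.9.0 < 3.21.1; a plain string comparison would get both wrong.
    return version <= LAST_AFFECTED


def triage(server_headers: Dict[str, str]) -> Dict[str, str]:
    """Map host -> verdict for a batch of observed Server header values."""
    verdicts = {}
    for host, header in server_headers.items():
        affected = is_affected(header)
        if affected is True:
            verdicts[host] = "AFFECTED (upgrade to %d.%d.%d or later)" % FIRST_FIXED
        elif affected is False:
            verdicts[host] = "patched"
        else:
            verdicts[host] = "unknown"
    return verdicts


# Constructed sample input: host names and headers invented for this example.
SAMPLE_HEADERS = {
    "repo-a.internal": "Nexus/3.21.1-01 (OSS)",   # last affected release
    "repo-b.internal": "Nexus/3.21.2-03 (PRO)",   # first fixed release
    "repo-c.internal": "Nexus/3.9.0-01 (OSS)",    # older 3.x, affected
    "repo-d.internal": "Nexus/2.14.18-01",        # 2.x line, not covered here
    "proxy.internal": "nginx/1.18.0",             # not Nexus at all
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_HEADERS).items():
        print(f"{host}: {verdict}")
```

Run the file directly to see a verdict per host; in practice feed it the `Server` header or the version shown in the Nexus UI. A "patched" verdict only tells you the installed release is past 3.21.2, so it should be confirmed against the running process rather than a stale banner.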