## https://sploitus.com/exploit?id=6B48ADEC-92AC-5CAA-B468-946109BA6078
JetBrains TeamCity Authentication Bypass + RCE (CVE-2024-56348) PoC
## ๐ Description
CVE-2024-56348 is a critical authentication bypass vulnerability in **JetBrains TeamCity on-premises** affecting all versions prior to **2024.12**. The REST API improperly handles requests to paths containing `;.jsp`, allowing an unauthenticated attacker to invoke any REST endpoint as if fully authenticated.
This exploit chains the bypass with TeamCity's own REST API to create a `SYSTEM_ADMIN` account, mint an API token, and achieve **full remote code execution** โ either through the built-in debug endpoint or a dynamically uploaded JSP plugin webshell. No credentials required.
**Affected versions:** JetBrains TeamCity on-premises If the script returns "[-] Plugin upload failed." try to login with hackindex user and try again. (credentials can be found in [DOCKER.md](/docker/DOCKER.md))
## ๐ต๐ผ References
- [JetBrains Security Advisory โ CVE-2024-56348](https://www.jetbrains.com/privacy-security/issues-fixed/)
- [NVD โ CVE-2024-56348](https://nvd.nist.gov/vuln/detail/CVE-2024-56348)
- [HackIndex](https://hackindex.io/vulnerabilities/CVE-2024-56348)
## ๐ข Disclaimer
This tool is provided for educational and research purposes only. The creator assumes no responsibility for any misuse or damage caused by this tool.