## https://sploitus.com/exploit?id=FEFC3A19-F06E-5C68-B2C5-EC37B8E9A2C0
# CVE-2024-27198
In JetBrains TeamCity before 2023.11.4, an authentication bypass allows an attacker to perform admin actions on the TeamCity server. An attacker can take full control over all TeamCity projects, builds, agents and artifacts, and ultimately achieve RCE.
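
For defenders, the "before 2023.11.4" boundary can be checked against an inventory of TeamCity servers. The following is an added example, not part of the original repository; the hostnames and version strings in `SAMPLE` are constructed, and it assumes versions are reported in the `YYYY.MM[.patch]` form used on this page.

```python
import re

# Fixed release stated above: versions before it are affected by CVE-2024-27198.
FIXED = (2023, 11, 4)

# Matches "2023.05.3", "2023.11", or a version embedded in a longer banner string.
_VERSION_RE = re.compile(r"(?<!\d)(\d{4})\.(\d{1,2})(?:\.(\d+))?")


def parse_version(text):
    """Return (year, month, patch) from a TeamCity version string, or None."""
    m = _VERSION_RE.search(text or "")
    if not m:
        return None
    year, month, patch = m.groups()
    # A missing patch component ("2023.11") is treated as patch level 0.
    return (int(year), int(month), int(patch or 0))


def is_affected(text):
    """True/False when the version parses, None when it cannot be determined."""
    version = parse_version(text)
    return None if version is None else version < FIXED


def triage(inventory):
    """Group hosts into 'affected', 'patched' and 'unknown' lists."""
    report = {"affected": [], "patched": [], "unknown": []}
    for host, version in inventory.items():
        state = is_affected(version)
        key = "unknown" if state is None else ("affected" if state else "patched")
        report[key].append(host)
    return report


# Constructed inventory (hypothetical hosts and banner strings).
SAMPLE = {
    "ci-lab-01": "2023.05.3",
    "ci-prod-01": "TeamCity Professional 2023.11.4 (build 000000)",
    "ci-prod-02": "2023.11",
    "ci-dev-01": "2024.03.1",
    "ci-old-01": "version not reported",
}

if __name__ == "__main__":
    for state, hosts in triage(SAMPLE).items():
        print(f"{state}: {', '.join(hosts) or '-'}")
```

Hosts that land in `unknown` need a manual check rather than being assumed safe.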

## Download
```bash
git clone https://github.com/jrbH4CK/CVE-2024-27198.git
cd CVE-2024-27198
```
## PoC
To create an account with admin privileges on the server:
```bash
python3 cve-2024-27198.py http://example.com username password
```
### Demo:

#### Account creation

![Alternative text](./img/exploit-1.jpg)

#### User roles

![Alternative text](./img/exploit-2.jpg)


## Additional notes
- The vulnerability is explained at https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
- Another reference: https://nvd.nist.gov/vuln/detail/CVE-2024-27198
- The exploit was tested on JetBrains TeamCity version 2023.05.3 in a controlled environment.
- FOR EDUCATIONAL PURPOSES ONLY