Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2024-4956 PoC — Nexus Repository 3 - Path Traversal

Source
https://github.com/JolyIrsb/CVE-2024-4956
Associated Vulnerability
Title:Nexus Repository 3 - Path Traversal (CVE-2024-4956)
Description:Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
Readme
# CVE-2024-4956
# All information is provided for informational purposes only.
# python3 CVE-2024-4956-threads.py
#  -> {targets_text_file}
#  -> {output_text_file}
# nuclei -t nuclei_active.yaml -l targets.txt
# nuclei -t nuclei_passive.yaml -l targets.txt -json-export output.json; then parse in any way

# targets.txt form:
# {IP}:{PORT}
# {IP}:{PORT}
# {IP}:{PORT}
# ...
# PoC
![image](https://github.com/user-attachments/assets/3ad43ad8-b81c-49ac-848b-2fcd27a23071)
File Snapshot

 [4.0K]  /data/pocs/4aa033dfe61887573089b6d69c56292fdd52b5b8
├── [1.6K]  CVE-2024-4956-threads.py
├── [ 719]  nuclei_active.yaml
├── [ 759]  nuclei_passive.yaml
└── [ 471]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →