关联漏洞
Description
Nexus Repository 3 Path Traversal (CVE-2024-4956)
介绍
# Day 4 – Nexus Repository 3 Path Traversal (CVE-2024-4956)
**What:** Unauthenticated path traversal lets anyone download arbitrary files with a crafted URL.
**Vuln:** Affects Nexus Repo 3 versions **≤ 3.68.0**. Fixed in **3.68.1**.
**Source:** Sonatype advisory + NVD.
**Safety:** Lab is local-only. Don’t target systems you don’t own.
## Setup
```bash
docker build -t day4-nexus-4956 .
docker run -d -p 8081:8081 --name day4 day4-nexus-4956
# Boot takes ~1–2 minutes; watch: docker logs -f day4
curl -I httphttp://localhost:8081/
```
! If you stuck you can use ./exploit.sh (after the container is running)
文件快照
[4.0K] /data/pocs/b6d8d765d5965ee99fe239131c461fb66ffa4c11
├── [ 255] DISCLAIMER.md
├── [ 490] Dockerfile
├── [ 620] entrypoint.sh
├── [ 527] exploit.sh
└── [ 629] README.md
0 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →