Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
No PoCs from references.
- https://github.com/20142995/nuclei-templates
- https://github.com/A0be/CVE-2024-37084-Exp
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/AlienTec1908/Mathdop_HackMyVM_Easy
- https://github.com/Kayiyan/CVE-2024-37084-Poc
- https://github.com/Ly4j/CVE-2024-37084-Exp
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/Threekiii/CVE
- https://github.com/XiaomingX/cve-2024-37084-Poc
- https://github.com/cyb3r-w0lf/nuclei-template-collection
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/tylzars/awesome-vrre-writeups
- https://github.com/vuhz/CVE-2024-37084