Online Nexus Repository Manager 3 RCE Vulnerability CVE-2020-10199 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

30

Online Nexus Repository Manager 3 RCE Vulnerability CVE-2020-10199 Scanner Detail

If you are using Nexus Repository Manager 3, it is better to check your system if any vulnerability exists.

Vulnerability

A Remote Code Execution vulnerability has been discovered in Nexus Repository Manager requiring immediate action. The vulnerability allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious request to NXRM.

This vulnerability was identified by an external researcher and has been verified by Sonatype security team. The identified vulnerability can allow for the user to evaluate any code they send on the system, that the user running the server has privileges to.

Some Advice for Common Problems

We are highly recommending all affected instances of NXRM be upgraded to NXRM 3.21.2 or later. The latest version can be downloaded here.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service