GobyVuls/Nexus/CVE-2019-7238/README.md

# CVE-2019-7238 Nexus Repository Manager 3 RCE

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.

**Affected version**: Nexus < 3.15.0 

**[FOFA](https://fofa.so/result?qbase64=YXBwPSJOZXh1cy1SZXBvc2l0b3J5LU1hbmFnZXIi) query rule**: app="Nexus-Repository-Manager"

# Demo

![](CVE-2019-7238.gif)
ADD drupal_6340 2020-12-13 22:20:17 +08:00			`# CVE-2019-7238 Nexus Repository Manager 3 RCE`
ADD drupal_6340 2020-12-13 20:00:27 +08:00
ADD drupal_6340 2020-12-13 22:20:17 +08:00			`Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.`
ADD drupal_6340 2020-12-13 20:00:27 +08:00
ADD neuxs_7238 2020-12-13 23:03:39 +08:00			`Affected version: Nexus < 3.15.0`
ADD drupal_6340 2020-12-13 20:00:27 +08:00
ADD drupal_6340 2020-12-13 22:20:17 +08:00			`[FOFA](https://fofa.so/result?qbase64=YXBwPSJOZXh1cy1SZXBvc2l0b3J5LU1hbmFnZXIi) query rule: app="Nexus-Repository-Manager"`
ADD drupal_6340 2020-12-13 20:00:27 +08:00
			`# Demo`

ADD drupal_6340 2020-12-13 22:20:17 +08:00			`![](CVE-2019-7238.gif)`