### [CVE-2024-27199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27199)
![](https://img.shields.io/static/v1?label=Product&message=TeamCity&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%202023.11.4%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23&color=brighgreen)

### Description

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions  was possible

### POC

#### Reference
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive

#### Github
- https://github.com/0xMarcio/cve
- https://github.com/CharonDefalt/CVE-2024-27198-RCE
- https://github.com/Donata64/tc_test01
- https://github.com/GhostTroops/TOP
- https://github.com/Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-
- https://github.com/Stuub/RCity-CVE-2024-27198
- https://github.com/W01fh4cker/CVE-2024-27198-RCE
- https://github.com/ZonghaoLi777/githubTrending
- https://github.com/aneasystone/github-trending
- https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/hcy-picus/emerging_threat_simulator
- https://github.com/jafshare/GithubTrending
- https://github.com/johe123qwe/github-trending
- https://github.com/juev/links
- https://github.com/marl-ot/DevSecOps-2024
- https://github.com/nitish778191/fitness_app
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/passwa11/CVE-2024-27198-RCE
- https://github.com/rampantspark/CVE-2024-27198
- https://github.com/sampsonv/github-trending
- https://github.com/yoryio/CVE-2024-27198
- https://github.com/zhaoxiaoha/github-trending