JetBrains TeamCity Unauthenticated Remote Code Execution

This Metasploit module exploits an authentication bypass vulnerability in JetBrains TeamCity. An unauthenticated attacker can leverage this to access the REST API and create a new administrator access token. This token can be used to upload a plugin which contains a Metasploit payload, allowing the attacker to achieve unauthenticated remote code execution on the target TeamCity server. On older versions of TeamCity, access tokens do not exist so the exploit will instead create a new administrator account before uploading a …

access access token administrator api attacker authentication authentication bypass bypass bypass vulnerability can code code execution exploits jetbrains jetbrains teamcity metasploit payload plugin remote code remote code execution rest rest api teamcity token unauthenticated upload vulnerability