Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
GeoServer RCE (CVE-2024-36401) - Vulnerability Database

GeoServer RCE (CVE-2024-36401)

Description

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. This version of GeoServer is vulnerable to an RCE vulnerability.

Remediation

Upgrade to the latest version of GeoServer.

References

GitHub Advisory GHSA-6jj6-gm7p-fcvv

Related Vulnerabilities

Sitecore XM/XP Insecure Deserialization (CVE-2025-27218) Critical
Common tags: Code Execution Known Vulnerabilities
Ektron CMS unauthenticated code execution and Local File Read High
Common tags: Code Execution Known Vulnerabilities
PHP CGI Argument Injection (CVE-2024-4577) Critical
Common tags: Code Execution Known Vulnerabilities
Ruby on Rails DoubleTap RCE (CVE-2019-5420) High
Common tags: Code Execution Known Vulnerabilities
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) High
Common tags: Code Execution Known Vulnerabilities

Severity

Critical

Classification

CVE-2024-36401
CWE-94
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Tags

Code Execution
Known Vulnerabilities