Description: A Server-Side Template Injection (SSTI) vulnerability in the Yeti platform
Versions Affected: v2.0 - v2.1.11
Version Fixed: 2.1.12
Researcher: https://x.com/_chebuya
Disclosure Link: https://rhinosecuritylabs.com/research/cve-2024-46507-yeti-server-side-template-injection-ssti/
NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2024-46507
The exploit bypasses authentication by using a hardcoded JWT secret together with a known username, then exploits the SSTI.
python3 exploit.py -u <USERNAME> -t http://<TARGET_IP> -c '<COMMAND>'
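
A defensive check for the hardcoded JWT secret described above, added here as an example and not part of the original exploit or the Yeti code base: it reports whether a token issued by your own deployment verifies under a known default secret, in which case the signing secret must be rotated. The secret value is a placeholder because the page does not state it; the HMAC algorithm family and the name `secret_that_verifies` are assumptions.

```python
import base64
import hashlib
import hmac
import json
import sys

# Placeholder: the page does not state the hardcoded value. Fill in the
# default shipped with the affected release you are auditing.
KNOWN_DEFAULT_SECRETS = ["<HARDCODED_DEFAULT_SECRET>"]

# Assumption: tokens use an HMAC algorithm (a shared "secret" implies this).
_HMAC_ALGS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}


def _b64url_decode(segment):
    """Decode a base64url JWT segment, restoring stripped padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def secret_that_verifies(token, candidates=KNOWN_DEFAULT_SECRETS):
    """Return the candidate secret that validates the token's signature, or None.

    A non-None result for a token issued by your own deployment means the
    signing secret is a publicly known value and must be rotated.
    """
    try:
        header_b64, payload_b64, sig_b64 = token.strip().split(".")
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
    except (ValueError, AttributeError):  # wrong segment count, bad base64/JSON
        return None
    digest = _HMAC_ALGS.get(header.get("alg")) if isinstance(header, dict) else None
    if digest is None:  # asymmetric or "none": not covered by this check
        return None
    signing_input = f"{header_b64}.{payload_b64}".encode()
    for secret in candidates:
        expected = hmac.new(secret.encode(), signing_input, digest).digest()
        if hmac.compare_digest(expected, signature):
            return secret
    return None


if __name__ == "__main__":
    hit = secret_that_verifies(sys.argv[1]) if len(sys.argv) > 1 else None
    print("VULNERABLE: token signed with a known default secret" if hit else "no match")
```

Run it with a token copied from an authenticated session on your own instance; a match on versions v2.0 - v2.1.11 means the instance is exposed to the authentication bypass.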