Full title: TeamCity Agent XML-RPC Command Execution Exploit 
Category: remote exploits
Platform: multiple
This Metasploit module allows remote code execution on TeamCity Agents configured to use bidirectional communication via xml-rpc. In bidirectional mode the TeamCity server pushes build commands to the Build Agents over port TCP/9090 without requiring authentication. Up until version 10 this was the default configuration. This Metasploit module supports TeamCity agents from version 6.0 onwards.

# 0day.today @ http://0day.today/