nuclei-templates/http/vulnerabilities/apache/apache-nifi-rce.yaml

47 lines
1.4 KiB
YAML
Raw Permalink Normal View History

id: apache-nifi-rce
info:
name: Apache NiFi - Remote Code Execution
author: arliya
severity: critical
description: |
Apache NiFi is designed for data streaming. It supports highly configurable data routing, transformation, and system mediation logic that indicate graphs. The system has unauthorized remote command execution vulnerability.
reference:
- https://github.com/imjdl/Apache-NiFi-Api-RCE
- https://labs.withsecure.com/tools/metasploit-modules-for-rce-in-apache-nifi-and-kong-api-gateway
- https://packetstormsecurity.com/files/160260/apache_nifi_processor_rce.rb.txt
metadata:
verified: true
max-request: 1
shodan-query: "title:\"NiFi\""
tags: packetstorm,apache,nifi,rce
http:
- method: GET
path:
- "{{BaseURL}}/nifi-api/process-groups/root"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "revision"
- "canRead"
- "permissions"
condition: and
- type: word
part: header
words:
- "application/json"
- type: status
status:
- 200
extractors:
- type: json
json:
- .id
# digest: 4b0a00483046022100823087d872f3a455924ecdc15097cdfee075237703e430052a76021a9dde5961022100a89d1b8d93adc5aa3081364ad7a0e725ef1c4a2c863d151b5331254588d3043a:922c64590222798bb761d5b6d8e72950