daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/cves/2022/CVE-2022-23779.yaml

43 lines
1.1 KiB
YAML
Raw Normal View History

add CVE-2022-23779
2022-03-06 01:38:26 +00:00
id: CVE-2022-23779
info:
more strict matchers + extractor
2022-03-06 08:17:52 +00:00
name: Zoho ManageEngine - Internal Hostname Disclosure
add CVE-2022-23779
2022-03-06 01:38:26 +00:00
author: cckuailong
severity: medium
description: Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.
reference:
- https://www.manageengine.com/products/desktop-central/cve-2022-23779.html
- https://github.com/fbusr/CVE-2022-23779
- https://nvd.nist.gov/vuln/detail/CVE-2022-23779
metadata:
more strict matchers + extractor
2022-03-06 08:17:52 +00:00
fofa-query: app="ZOHO-ManageEngine-Desktop"
tags: cve,cve2022,zoho,exposure
add CVE-2022-23779
2022-03-06 01:38:26 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/themes"
matchers-condition: and
matchers:
- type: status
status:
- 301
- type: word
part: header
words:
more strict matchers + extractor
2022-03-06 08:17:52 +00:00
- '/themes/'
- 'text/html'
condition: and
- type: dsl
dsl:
- '!contains(location,host)'
extractors:
- type: regex
part: header
group: 1
regex:
- 'https?:\/\/(.*):'