nuclei-templates/http/cves/2024/CVE-2024-32651.yaml

id: CVE-2024-32651

info:
  name: changedetection.io - Server Side Template Injection
  author: edoardottt
  severity: critical
  description: |
    A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2024-32651
    - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cve-id: CVE-2024-32651
    cwe-id: CWE-1336
  tags: cve,cve2024,changedetection,ssti,rce

requests:
  - method: GET
    redirects: true
    max-redirects: 5
    path:
      - "{{BaseURL}}/"

    extractors:
      - type: xpath
        name: version
        internal: true
        xpath:
          - "//*[@id=\"right-sticky\"]"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        part: body
        words:
          - "Change Detection"
        condition: and

      - type: dsl
        dsl:
          - compare_versions(version, '<= 0.45.20')
Add CVE-2024-32651 2024-04-29 14:36:08 +00:00			`id: CVE-2024-32651`

			`info:`
			`name: changedetection.io - Server Side Template Injection`
			`author: edoardottt`
			`severity: critical`
			`description: \|`
Add CVE-2024-32651 2024-04-29 14:41:50 +00:00			`A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.`
Add CVE-2024-32651 2024-04-29 14:36:08 +00:00			`reference:`
			`- https://nvd.nist.gov/vuln/detail/CVE-2024-32651`
			`- https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3`
			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H`
			`cvss-score: 10`
			`cve-id: CVE-2024-32651`
			`cwe-id: CWE-1336`
			`tags: cve,cve2024,changedetection,ssti,rce`

			`requests:`
			`- method: GET`
			`redirects: true`
			`max-redirects: 5`
			`path:`
			`- "{{BaseURL}}/"`

			`extractors:`
			`- type: xpath`
			`name: version`
			`internal: true`
			`xpath:`
			`- "//*[@id=\"right-sticky\"]"`

			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`

			`- type: word`
			`part: body`
			`words:`
			`- "Change Detection"`
			`condition: and`

			`- type: dsl`
			`dsl:`
Add CVE-2024-32651 2024-04-29 14:41:50 +00:00			`- compare_versions(version, '<= 0.45.20')`