2024-04-29 14:36:08 +00:00
id : CVE-2024-32651
info :
2024-05-03 05:41:13 +00:00
name : Change Detection - Server Side Template Injection
2024-04-29 14:36:08 +00:00
author : edoardottt
severity : critical
description : |
2024-04-29 14:41:50 +00:00
A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.
2024-04-29 14:36:08 +00:00
reference :
- https://nvd.nist.gov/vuln/detail/CVE-2024-32651
- https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3
2024-05-03 05:41:13 +00:00
- https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21
- https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2
2024-04-29 14:36:08 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score : 10
cve-id : CVE-2024-32651
cwe-id : CWE-1336
2024-06-07 10:04:29 +00:00
epss-score : 0.00065
epss-percentile : 0.28259
2024-05-03 05:41:13 +00:00
metadata :
verified : true
max-request : 1
shodan-query : html:"Change Detection"
2024-05-07 12:55:10 +00:00
tags : cve,cve2024,changedetection,ssti,rce,passive
2024-04-29 14:36:08 +00:00
2024-05-03 05:41:13 +00:00
http :
2024-04-29 14:36:08 +00:00
- method : GET
path :
2024-05-03 08:50:53 +00:00
- "{{RootURL}}/"
2024-04-29 14:36:08 +00:00
2024-05-03 05:41:13 +00:00
redirects : true
max-redirects : 2
2024-04-29 14:36:08 +00:00
extractors :
- type : xpath
name : version
internal : true
xpath :
- "//*[@id=\"right-sticky\"]"
matchers-condition : and
matchers :
- type : status
status :
- 200
- type : word
part : body
words :
- "Change Detection"
condition : and
- type : dsl
dsl :
2024-04-29 14:41:50 +00:00
- compare_versions(version, '<= 0.45.20')
2024-06-08 16:02:17 +00:00
# digest: 4b0a00483046022100fababded42d7a17ed446608da54c1802c86f5ad0eff6a4f9f9c6299a3d4e0f9e022100843a8f54563f6dd62aa6d9d160e9ad7f886f39d623887bca9819f2e2fbb93ce4:922c64590222798bb761d5b6d8e72950
