nuclei-templates/cves/2020/CVE-2020-9047.yaml

id: CVE-2020-9047

info:
  name: exacqVision Web Service RCE
  author: dwisiswant0
  severity: high
  description: |
    This template supports the detection part only. See references.

    A vulnerability exists that could allow the execution of
    unauthorized code or operating system commands on systems
    running exacqVision Web Service versions 20.06.3.0 and prior
    and exacqVision Enterprise Manager versions 20.06.4.0 and prior.

    An attacker with administrative privileges could potentially
    download and run a malicious executable that
    could allow OS command injection on the system.

  reference:
    - https://github.com/norrismw/CVE-2020-9047
    - https://www.johnsoncontrols.com/cyber-solutions/security-advisories
    - https://www.us-cert.gov/ics/advisories/ICSA-20-170-01
  tags: cve,cve2020,rce

requests:
  - method: GET
    path:
      - "{{BaseURL}}/version.web"
    matchers-condition: and
    matchers:
      - type: word
        words:
          - "3.10.4.72058"
          - "3.12.4.76544"
          - "3.8.2.67295"
          - "7.0.2.81005"
          - "7.2.7.86974"
          - "7.4.3.89785"
          - "7.6.4.94391"
          - "7.8.2.97826"
          - "8.0.6.105408"
          - "8.2.2.107285"
          - "8.4.3.111614"
          - "8.6.3.116175"
          - "8.8.1.118913"
          - "9.0.3.124620"
          - "9.2.0.127940"
          - "9.4.3.137684"
          - "9.6.7.145949"
          - "9.8.4.149166"
          - "19.03.3.152166"
          - "19.06.4.157118"
          - "19.09.4.0"
          - "19.12.2.0"
          - "20.03.2.0"
          - "20.06.3.0"
        condition: or
        part: body
      - type: status
        status:
          - 200
misc changes 2021-01-02 04:56:15 +00:00			`id: CVE-2020-9047`
:fire: Add CVE-2020-9047 2020-10-01 06:36:19 +00:00
			`info:`
			`name: exacqVision Web Service RCE`
			`author: dwisiswant0`
			`severity: high`
			`description: \|`
			`This template supports the detection part only. See references.`

			`A vulnerability exists that could allow the execution of`
			`unauthorized code or operating system commands on systems`
			`running exacqVision Web Service versions 20.06.3.0 and prior`
			`and exacqVision Enterprise Manager versions 20.06.4.0 and prior.`

			`An attacker with administrative privileges could potentially`
			`download and run a malicious executable that`
			`could allow OS command injection on the system.`

Removed pipe (\|) character from references, because the structure requires it to be a string slice, not a string Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84 2021-08-18 11:37:49 +00:00			`reference:`
:fire: Add CVE-2020-9047 2020-10-01 06:36:19 +00:00			`- https://github.com/norrismw/CVE-2020-9047`
References 2021-03-22 08:54:22 +00:00			`- https://www.johnsoncontrols.com/cyber-solutions/security-advisories`
			`- https://www.us-cert.gov/ics/advisories/ICSA-20-170-01`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`tags: cve,cve2020,rce`
:fire: Add CVE-2020-9047 2020-10-01 06:36:19 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/version.web"`
			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- "3.10.4.72058"`
			`- "3.12.4.76544"`
			`- "3.8.2.67295"`
			`- "7.0.2.81005"`
			`- "7.2.7.86974"`
			`- "7.4.3.89785"`
			`- "7.6.4.94391"`
			`- "7.8.2.97826"`
			`- "8.0.6.105408"`
			`- "8.2.2.107285"`
			`- "8.4.3.111614"`
			`- "8.6.3.116175"`
			`- "8.8.1.118913"`
			`- "9.0.3.124620"`
			`- "9.2.0.127940"`
			`- "9.4.3.137684"`
			`- "9.6.7.145949"`
			`- "9.8.4.149166"`
			`- "19.03.3.152166"`
			`- "19.06.4.157118"`
			`- "19.09.4.0"`
			`- "19.12.2.0"`
			`- "20.03.2.0"`
			`- "20.06.3.0"`
			`condition: or`
			`part: body`
			`- type: status`
			`status:`
			`- 200`