daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2017/CVE-2017-11610.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-09 12:50:22 -04:00
parent f5d742d2f2
commit 28c75a844b
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2017/CVE-2017-11610.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2017-11610
info:
name: Supervisor XMLRPC Exec
name: XML-RPC Server - Remote Code Execution
author: notnotnotveg
severity: high
description: The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.
description: The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisor namespace lookups.
reference:
- https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/exploit/linux/http/supervisor_xmlrpc_exec.md
- https://nvd.nist.gov/vuln/detail/CVE-2017-11610
@ -54,3 +54,5 @@ requests:
- "<methodResponse>"
- "<int>"
condition: and
# Enhanced by mp on 2022/06/09