Merge pull request #10297 from ryanborum/patch-3

Improved shodan query for CVE-2024-36401.yaml
patch-6
pussycat0x 2024-07-16 18:05:10 +05:30 committed by GitHub
commit 78dabffabb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions

@ -2,7 +2,7 @@ id: CVE-2024-36401
info:
name: GeoServer RCE in Evaluating Property Name Expressions
author: DhiyaneshDk
author: DhiyaneshDk,ryanborum
severity: critical
description: |
In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.
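Review bot: the description line kept as context at the end of this hunk names the product twice ("In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer"), which makes the affected-version statement harder to read than it needs to be. Since the info block is being edited anyway, consider rewording it to something like "In GeoServer versions prior to 2.25.1, 2.24.3 and 2.23.5, multiple OGC request parameters allow ...". The author change itself follows the existing comma-separated form and looks fine.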
@ -18,7 +18,7 @@ info:
max-request: 1
vendor: osgeo
product: geoserver
shodan-query: http.title:"geoserver"
shodan-query: "Server: GeoHttpServer"
fofa-query:
- title="geoserver"
- app="geoserver"
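Review bot: the new shodan-query value replaces the title-based query instead of sitting alongside it, so anyone using this metadata for exposure inventory loses the http.title:"geoserver" match and depends only on the "Server: GeoHttpServer" header string. The fofa-query field directly below already uses a list with two entries; writing shodan-query as a list with both the old and the new query would keep the previous coverage while adding the header match. It would also help to say in the pull request description why the header string is the better indicator, because the commit message only states that the query is "improved" and the fofa entries still rely on the title.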