daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update goanywhere-log4j-rce.yaml

patch-1
Ritik Chaddha 2022-07-22 23:41:57 +05:30 committed by GitHub
parent 1ea058b576
commit 9d8af2ac47
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
vulnerabilities/other/goanywhere-log4j-rce.yaml
View File

@ -6,12 +6,15 @@ info:
severity: critical
reference:
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
metadata:
shodan-query: http.title:"GoAnywhere"
- https://logging.apache.org/log4j/2.x/security.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-44228
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
metadata:
verified: true
shodan-query: title:"GoAnywhere"
tags: jndi,log4j,rce,cve,cve2021,oast,goanywhere
requests:
@ -59,4 +62,4 @@ requests:
part: interactsh_request
group: 1
regex:
- '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${sys:os.name} in output
- '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${sys:os.name} in output