daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2021/CVE-2021-20837.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-05 12:07:23 -04:00
parent 9c7bfc43ee
commit f9b869593f
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cves/2021/CVE-2021-20837.yaml
View File

@ -1,11 +1,10 @@
id: CVE-2021-20837 id: CVE-2021-20837
info: info:
name: Unauthenticated RCE In MovableType name: MovableType - Remote Command Injection
author: dhiyaneshDK,hackergautam author: dhiyaneshDK,hackergautam
severity: critical severity: critical
description: 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced description: MovableType 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.
1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.
reference: reference:
- https://nemesis.sh/posts/movable-type-0day/ - https://nemesis.sh/posts/movable-type-0day/
- https://github.com/ghost-nemesis/cve-2021-20837-poc - https://github.com/ghost-nemesis/cve-2021-20837-poc
@ -53,3 +52,5 @@ requests:
- type: status - type: status
status: status:
- 200 - 200
# Enhanced by mp on 2022/05/05