id: maestro-unauth-rce

info:
  name: ListSERV Maestro <= 9.0-8 RCE
  author: b0yd
  severity: info
  description: CVE-2010-1870 Struts based OGNL remote code execution in ListSERV Maestro before and including version 9.0-8.
  reference: |
      - https://www.securifera.com/advisories/sec-2020-0001/
      - https://packetstormsecurity.com/files/159643/listservmaestro-exec.txt

requests:
  - method: GET
    path:
      - "{{BaseURL}}/lui/"
      - "{{BaseURL}}/hub/"

    extractors:
      - type: regex
        regex:
          - 'LISTSERV Maestro\s+9\.0-[123456780]'
          - 'LISTSERV Maestro\s+[5678]'
          - 'Administration Hub 9\.0-[123456780]'
          - 'Administration Hub [5678]'
        condition: or