nuclei-templates/cves/2020/CVE-2020-9496.yaml

43 lines
1.2 KiB
YAML

id: CVE-2020-9496
info:
name: Apache OFBiz XML-RPC Java Deserialization
author: dwisiswant0
severity: medium
description: XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
# This template detects a Java deserialization vulnerability in Apache
# OFBiz's unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for
# versions prior to 17.12.04.
# --
# References:
# - https://securitylab.github.com/advisories/GHSL-2020-069-apache_ofbiz
requests:
- raw:
- |
POST /webtools/control/xmlrpc HTTP/1.1
Host: {{Hostname}}
Origin: http://{{Hostname}}
Content-Type: application/xml
<?xml version="1.0"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>
matchers-condition: and
matchers:
- type: word
words:
- "faultString"
- "No such service [ProjectDiscovery]"
- "methodResponse"
condition: and
part: body
- type: word
words:
- "Content-Type: text/xml"
part: header
- type: status
status:
- 200