v10.0.4
版本发布时间: 2024-11-18 14:26:02
projectdiscovery/nuclei-templates最新发布版本:v10.1.1(2024-12-23 18:40:14)
What's Changed
🔥 Release Highlights 🔥
- [CVE-2024-50340] Symfony Profiler - Remote Access via Injected Arguments (@DhiyaneshDK) [high] 🔥
- [CVE-2024-35219] OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete (@iamnoooob, @rootxharsh, @pdresearch) [high] 🔥
- [CVE-2024-10914] D-Link NAS - Command Injection via Name Parameter (@s4e-io) [critical] 🔥
- [CVE-2024-9487] GitHub Enterprise - SAML Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
- [CVE-2024-8963] Ivanti Cloud Services Appliance - Path Traversal (@johnk3r) [critical] 🔥
- [CVE-2024-6049] Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal (@s4e-io) [high] 🔥
- [CVE-2019-0192] Apache Solr - Deserialization of Untrusted Data (@hnd3884) [critical] 🔥
Bug Fixes
- Merging Duplicate - CVE-2024-7928 & fastadmin-lfi (Issue #11135).
False Negatives
No updates
False Positives
- False Positive Detection for Cloudflare in CSP (Issues #11138, #11139).
- CVE-2018-11784 FP (Issue #10495).
- False Positive … CVE-2023-46805 (Issue #11170).
- Fix FP CVE-2023-46805.yaml (Issue #11198).
- Fixfp phpwind-installer (Issue #11168).
- Fix: fp CVE-2023-43373.yaml (Issue #11130).
- Removing one case of FPs http/fuzzing/xff-403-bypass.yaml (Issue #10998).
- Fix fp http/misconfiguration/proxy/metadata-alibaba.yaml (Issue #10976).
Enhancements
- Refactor the “Thruk Panel” template (Issue #11206).
- Rename spring4shell-CVE-2022-22965.yaml to CVE-2022-22965.yaml for consistency (Issue #11204).
- Update linux-lfi-fuzz.yaml (Issue #11169).
- Update CVE-2022-0968.yaml (Issue #11150).
Template Updates
New Templates Added: 74
| CVEs Added: 26
| First-time contributions: 7
- [CVE-2024-51483] Changedetection.io <= 0.47.4 - Path Traversal (@iamnoooob, @rootxharsh, @pdresearch) [medium]
- [CVE-2024-50340] Symfony Profiler - Remote Access via Injected Arguments (@DhiyaneshDK) [high] 🔥
- [CVE-2024-48360] Qualitor <= v8.24 - Server-Side Request Forgery (@s4e-io) [high]
- [CVE-2024-36117] Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read (@iamnoooob, @rootxharsh, @pdresearch) [high]
- [CVE-2024-35219] OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete (@iamnoooob, @rootxharsh, @pdresearch) [high] 🔥
- [CVE-2024-10915] D-Link NAS - Command Injection via Group Parameter (@s4e-io) [critical]
- [CVE-2024-10914] D-Link NAS - Command Injection via Name Parameter (@s4e-io) [critical] 🔥
- [CVE-2024-10081] CodeChecker <= 6.24.1 - Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical]
- [CVE-2024-9487] GitHub Enterprise - SAML Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
- [CVE-2024-8963] Ivanti Cloud Services Appliance - Path Traversal (@johnk3r) [critical] 🔥
- [CVE-2024-8673] Z-Downloads < 1.11.7 - Cross-Site Scripting (@Splint3r7) [low]
- [CVE-2024-6420] Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure (@jpg0mez) [high]
- [CVE-2024-6049] Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal (@s4e-io) [high] 🔥
- [CVE-2024-4841] LoLLMS WebUI - Subfolder Prediction via Path Traversal (@s4e-io) [medium]
- [CVE-2023-49494] DedeCMS v5.7.111 - Cross-Site Scripting (@ritikchaddha) [medium]
- [CVE-2022-31260] ResourceSpace - Metadata Export (@ritikchaddha) [medium]
- [CVE-2022-28033] Atom.CMS 2.0 - SQL Injection (@ritikchaddha) [critical]
- [CVE-2022-0479] Popup Builder Plugin - SQL Injection and Cross-Site Scripting (@ritikchaddha) [critical]
- [CVE-2021-44260] WAVLINK AC1200 - Information Disclosure (@ritikchaddha) [high]
- [CVE-2021-24934] Visual CSS Style Editor < 7.5.4 - Cross-Site Scripting (@Splint3r7) [medium]
- [CVE-2019-1003000] Jenkins Script Security Plugin <=1.49 - Sandbox Bypass (@sttlr) [high]
- [CVE-2019-0192] Apache Solr - Deserialization of Untrusted Data (@hnd3884) [critical] 🔥
- [CVE-2018-10383] Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting (@ritikchaddha) [medium]
- [CVE-2017-18590] Timesheet Plugin < 0.1.5 - Cross-Site Scripting (@Spling3r7) [medium]
- [CVE-2016-10976] Safe Editor Plugin < 1.2 - CSS/JS-injection (@Splint3r7) [medium]
- [CVE-2014-0160] OpenSSL Heartbleed Vulnerability (@pussycat0x) [high]
- [stack-notification-disabled] CloudFormation Stack Notification - Disabled (@DhiyaneshDK) [medium]
- [stack-policy-not-inuse] CloudFormation Stack Policy - Not In Use (@DhiyaneshDK) [medium]
- [stack-termination-disabled] CloudFormation Termination Protection - Disabled (@DhiyaneshDK) [medium]
- [cloudfront-compress-object] CloudFront Compress Objects Automatically (@DhiyaneshDK) [low]
- [cloudfront-custom-certificates] Cloudfront Custom SSL/TLS Certificates - In Use (@DhiyaneshDK) [medium]
- [cloudfront-geo-restriction] CloudFront Geo Restriction - Not Enabled (@DhiyaneshDK) [info]
- [cloudfront-insecure-protocol] CloudFront Insecure Origin SSL Protocols (@DhiyaneshDK) [medium]
- [cloudfront-integrated-waf] CloudFront Integrated With WAF (@DhiyaneshDK) [medium]
- [cloudfront-logging-disabled] Cloudfront Logging Disabled (@DhiyaneshDK) [medium]
- [cloudfront-origin-shield] CloudFront Origin Shield - Not Enabled (@DhiyaneshDK) [info]
- [cloudfront-security-policy] CloudFront Security Policy (@DhiyaneshDK) [medium]
- [cloudfront-traffic-unencrypted] CloudFront Traffic To Origin Unencrypted (@DhiyaneshDK) [medium]
- [cloudfront-viewer-policy] CloudFront Viewer Protocol Policy (@DhiyaneshDK) [medium]
- [secret-manager-not-inuse] Secrets Manager Not In Use (@DhiyaneshDK) [info]
- [secret-rotation-interval] Secret Rotation Interval (@DhiyaneshDK) [medium]
- [secrets-rotation-disabled] Secret Rotation Disabled (@DhiyaneshDK) [medium]
- [aspnet-framework-exceptions] ASP.NET Framework Exceptions (@Aayush Dhakal) [info]
- [nodejs-framework-exceptions] Node.js Framework Exceptions (@Aayush Dhakal) [info]
- [bigant-default-login] BigAnt - Default Password (@ritikchaddha) [critical]
- [minio-object-default-login] MinIO Console Object Store - Default Login (@johnk3r) [high]
- [actifio-panel] Actifio Resource Center - Panel (@Splint3r7) [info]
- [adapt-panel] Adapt Authoring Tool - Panel (@Splint3r7) [info]
- [aethra-panel] Aethra Telecommunications Login - Panel (@Splint3r7) [info]
- [akuiteo-panel] Akuiteo Login Panel - Detect (@righettod) [info]
- [alamos-panel] Alamos GmbH Panel - Detect (@Splint3r7) [info]
- [alfresco-panel] Alfresco Content App Panel - Detect (@Splint3r7) [info]
- [alternc-panel] AlternC Desktop Panel - Detect (@Splint3r7) [info]
- [anmelden-panel] Anmelden | OPNsense Panel - Detect (@Splint3r7) [info]
- [cyberpanel-panel] Cyberpanel Login Panel - Detect (@mailler) [info]
- [deepmail-panel] Advanced eMail Solution DEEPMail - Panel (@Splint3r7) [info]
- [ghe-encrypt-saml] GitHub Enterprise - Encrypted SAML (@rootxharsh, @iamnoooob, @pdresearch) [info]
- [hyperplanning-panel] HYPERPLANNING Login Panel - Detect (@righettod) [info]
- [nexpose-panel] Rapid7 Nexpose VM Security Console - Detect (@johnk3r) [info]
- [panos-management-panel] PAN-OS Management Panel - Detect (@bhutch) [info]
- [pronote-panel] PRONOTE Login Panel - Detect (@righettod) [info]
- [quest-panel] Quest Modem Configuration Login - Panel (@Splint3r7) [info]
- [quivr-panel] Quivr Panel - Detect (@s4e-io) [info]
- [thruk-panel] Thruk Login Panel - Detect (@ffffffff0x, @righettod) [info]
- [ip-webcam] IP Webcam Viewer Page - Detect (@gy741) [low]
- [azure-blob-core-detect] Azure Blob Core Service - Detect (@ProjectDiscoveryAI) [info]
- [atlantis-dashboard] Atlantis Dashboard - Exposure (@DhiyaneshDK) [medium]
- [pgwatch2-db-exposure] Pgwatch2 DBs to monitor - Exposure (@DhiyaneshDK) [high]
- [amazon-ecs-defualt-page] Amazon ECS Sample App Default Page - Detect (@Splint3r7) [info]
- [hubble-detect] Hubble - Detect (@righettod) [info]
- [localai-detect] LocalAI - Detect (@s4e-io) [info]
- [pghero-detect] PgHero - Detect (@righettod) [info]
- [flexmls-idx-detect] Flexmls IDX - Detect (@rxerium, @sorrowx3) [info]
- [lottie-backdoor] Lottie Player - Backdoor (@nagli-wiz) [critical]
New Contributors
- @AV-IO made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11132
- @aayush2561 made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11104
- @hnd3884 made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11127
- @s4hm4d made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11149
- @00xSayDoo made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11139
- @andymcao made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11169
- @cxbt made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/11204
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v10.0.3...v10.0.4