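id: apache-nifi-rce

info:
  name: Apache NiFi - Remote Code Execution
  author: arliya
  severity: critical
  description: |
    Apache NiFi is designed for data streaming. It supports highly configurable data routing,
    transformation, and system mediation logic that indicate graphs. An instance whose REST API
    (/nifi-api) answers without credentials exposes the process-group API to unauthenticated
    remote users, which the referenced tooling builds on to obtain command execution.
    This template only confirms that the API responds without authentication; it does not
    execute any command on the target.
  remediation: |
    Require authentication for the NiFi REST API and restrict network access to it.
  reference:
    - https://github.com/imjdl/Apache-NiFi-Api-RCE
    - https://labs.withsecure.com/tools/metasploit-modules-for-rce-in-apache-nifi-and-kong-api-gateway
    - https://packetstormsecurity.com/files/160260/apache_nifi_processor_rce.rb.txt
  classification:
    cpe: cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: "title:\"NiFi\""
    product: nifi
    vendor: apache
  tags: packetstorm,apache,nifi,rce,vuln

http:
  # A single unauthenticated GET against the root process group. No credentials,
  # token or session are sent, so a matching 200 JSON response means the API is
  # reachable by anyone who can reach the host, not just that NiFi is present.
  - method: GET
    path:
      - "{{BaseURL}}/nifi-api/process-groups/root"

    matchers-condition: and
    matchers:
      # All three keys are required together (condition: and); the combination
      # is specific to a NiFi process-group entity rather than a generic JSON body.
      - type: word
        part: body
        words:
          - "revision"
          - "canRead"
          - "permissions"
        condition: and

      # Header check keeps HTML login/error pages that happen to mention the
      # words above from matching.
      - type: word
        part: header
        words:
          - "application/json"

      - type: status
        status:
          - 200

    extractors:
      # Root process-group id, reported alongside the finding. Presumably the
      # handle the referenced exploit tooling starts from — verify against the references.
      - type: json
        json:
          - .id

# NOTE(review): the digest below signs the original template text; any edit to
# this file (comments included) invalidates it, so re-sign or drop it before
# loading a modified copy.
# digest: 490a0046304402202a20508e118f1e397ce2a8ff55d3b2a2eecf13f4a1fa51fc9ed0fcc16a9ab2f3022070e2bc1197ec1b5e39f1028b587790e965339aa819224c9f6dbe1cad7dfe3751:922c64590222798bb761d5b6d8e72950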