Emad Shanab emadshanab

Intro

”Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.”

FAQ

Q: What is nuclei?
A: Nuclei is a fast and customizable vulnerability scanner based on simple YAML-based templates.

	id: CVE-2024-50623

	info:
	name: CVE-2024-50623
	author: rxerium
	severity: high
	description: \|
	Unrestricted file upload and download vulnerability in Cleo Harmony, VLTrader, and LexiCom before version 5.8.0.21, leading to remote code execution
	reference:
	- https://support.cleo.com/hc/en-us/articles/27140294267799-Cleo-Product-Security-Advisory

	id: exposed-pki-infrastructure
	info:
	name: Exposed Internal PKI Infrastructure Detection
	author: nullenc0de
	severity: critical
	description: Detects exposed internal PKI infrastructure including CRL distribution points and OCSP responders
	tags: pki,exposure,misconfig

	requests:
	- method: GET

	id: backupfiles

	info:
	name: Compressed Backup File - Detect
	author: toufik-airane,dwisiswant0,ffffffff0x,pwnhxl,mastercho,PushkraJ99
	severity: medium
	description: Multiple compressed backup files were detected.
	classification:
	cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
	cvss-score: 5.3

	id: suspicious-extensions-rce

	info:
	name: Suspicious File Extensions - Potential RCE
	author: Nullenc0de
	severity: medium
	description: Detects files with potentially suspicious extensions that could be used for Remote Code Execution (RCE). Scan your AppData folder.

	file:
	- extensions:

	id: VMSA-2024-0012

	info:
	name: VMware vCenter Server heap-overflow (potential RCE) and privilege escalation
	author: "@an0n_r0"
	severity: critical
	description: \|
	CVE-2024-37079, CVE-2024-37080: vCenter Server multiple heap-overflow vulnerabilities
	CVE-2024-37081: vCenter Server local privilege escalation due to misconfiguration of sudo
	impact: \|

	+CSCOE+/logon.html
	+CSCOT+/oem
	+CSCOT+/translation
	-/health
	-/healthy
	-/liveness
	-/readiness
	-/ready
	-/whoami
	.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html

	id: CVE-2019-18935
	info:
	name: Deserialization Vulnerability in Telerik UI for ASP.NET AJAX.
	author: Talson
	severity: critical
	description: \|
	Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution.
	remediation: \|
	As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.
	reference:

	id: CVE-2023-36845

	info:
	name: Juniper Networks Junos OS PHP External Variable Modification Vulnerability
	author: hxlxmj
	severity: medium
	description: \|
	A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables.
	reference:
	- https://nvd.nist.gov/vuln/detail/CVE-2023-36845

	id: CVE-2023-26255

	info:
	name: Stagil navigation for jira - Local File Inclusion
	author: 0x240x23elu
	severity: high
	description: Prior to version 2.0.52 of the “Stagil navigation for jira – Menù & Themes", the fileName parameter is vulnerable to a "Directory Traversal" that would allow an attacker to read files on the server knowing their path
	reference:
	- https://github.com/1nters3ct/CVEs/blob/main/CVE-2023-26255.md
	cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N