Skip to content

Commit

Permalink
automatic module_metadata_base.json update
Browse files Browse the repository at this point in the history
  • Loading branch information
jenkins-metasploit committed Dec 16, 2024
1 parent 6f9982d commit 92c97b0
Showing 1 changed file with 66 additions and 0 deletions.
66 changes: 66 additions & 0 deletions db/modules_metadata_base.json
Original file line number Diff line number Diff line change
Expand Up @@ -117986,6 +117986,72 @@
"session_types": false,
"needs_cleanup": true
},
"exploit_multi/http/wso2_api_manager_file_upload_rce": {
"name": "WSO2 API Manager Documentation File Upload Remote Code Execution",
"fullname": "exploit/multi/http/wso2_api_manager_file_upload_rce",
"aliases": [

],
"rank": 600,
"disclosure_date": "2024-05-31",
"type": "exploit",
"author": [
"Siebene@ <@Siebene7>",
"Heyder Andrade <@HeyderAndrade>",
"Redway Security <redwaysecurity.com>"
],
"description": "A vulnerability in the 'Add API Documentation' feature allows malicious users with specific permissions\n (`/permission/admin/login` and `/permission/admin/manage/api/publish`) to upload arbitrary files to a user-controlled\n server location. This flaw could be exploited to execute remote code, enabling an attacker to gain control over the server.",
"references": [
"URL-https://github.com/redwaysecurity/CVEs/tree/main/WSO2-2023-2988",
"URL-https://blog.redwaysecurity.com/2024/11/wso2-4.2.0-remote-code-execution.html",
"URL-https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2023-2988/"
],
"platform": "Linux,Windows",
"arch": "java",
"rport": 9443,
"autofilter_ports": [
80,
8080,
443,
8000,
8888,
8880,
8008,
3000,
8443
],
"autofilter_services": [
"http",
"https"
],
"targets": [
"Automatic",
"WSO2 API Manager (3.1.0 - 4.0.0)",
"WSO2 API Manager (4.1.0)",
"WSO2 API Manager (4.2.0)"
],
"mod_time": "2024-12-11 11:58:53 +0000",
"path": "/modules/exploits/multi/http/wso2_api_manager_file_upload_rce.rb",
"is_install_path": true,
"ref_name": "multi/http/wso2_api_manager_file_upload_rce",
"check": true,
"post_auth": true,
"default_credential": false,
"notes": {
"Stability": [
"crash-safe"
],
"SideEffects": [
"ioc-in-logs",
"artifacts-on-disk"
],
"Reliability": [
"repeatable-session"
]
},
"session_types": false,
"needs_cleanup": true
},
"exploit_multi/http/wso2_file_upload_rce": {
"name": "WSO2 Arbitrary File Upload to RCE",
"fullname": "exploit/multi/http/wso2_file_upload_rce",
Expand Down

0 comments on commit 92c97b0

Please sign in to comment.