CVE-2022-29153 #10607

Open
schreddies opened this issue Aug 26, 2024 · 1 comment
Labels
false-negative Nuclei template missing valid results

Comments

@schreddies

Template CVE-2022-29153 is missing vulnerable instances of Consul, as some do not respond with the 400 error page and the information regarding the field disable_redirects. That said, I am guessing the change was introduced at some point.

Nuclei Version:

v3.3.1

Template file:

http/cves/2022/CVE-2022-29153.yaml

Command to reproduce:

False negative

  • Run Consul in a version under 1.6.10 (vulnerable),
  • Run the nuclei template: nuclei -t http/cves/2022/CVE-2022-29153.yaml -u {{host}}:8500,
  • No results from the template.

True positive

  • Consul > 1.7.0
  • Run the nuclei template: nuclei -t http/cves/2022/CVE-2022-29153.yaml -u {{host}}:8500
  • Instances identified correctly
@schreddies

The version described as tested, 1.4.3, is not recognized as vulnerable, and neither is any version lower than 1.7.0.

@schreddies schreddies reopened this Aug 26, 2024