Nuclei Templates Monthly - November 2023 Edition

Nuclei Templates Monthly - November 2023 Edition

Summary of Releases v9.6.9 and v9.7.0

πŸŽ‰ 124 new Templates added
πŸš€ 14 first-time contributions
πŸ”₯ 31 new CVEs added

Introduction

This month, we've seen several high-profile CVEs impacting various technologies. Key among them is CVE-2023-46604, a significant vulnerability in Apache ActiveMQ, notable for its potential for remote code execution and widespread exploitation. CVE-2023-34039 in Aria Operations for Networks, an authentication bypass vulnerability, is another critical issue, characterized by its high risk and severity. Additionally, CVE-2023-4911 in the GNU C Library's dynamic loader has drawn attention due to its active exploitation and high severity rating.

New Templates Added

We are excited to announce the addition of 124 new templates to the Nuclei Templates project. These templates cover a wide range of security checks, from trending vulnerabilities to SSH misconfiguration templates, empowering you to identify potential vulnerabilities efficiently. The contributions from our dedicated community have been immeasurably valuable in expanding the breadth of Nuclei's capabilities, and we extend our gratitude to all those involved.

New CVEs Added

This release incorporates 31 πŸ”₯ new CVEs, ensuring you remain current with the latest security vulnerabilities. By including these CVEs in the Nuclei Templates, we aim to provide with the necessary checks to detect and mitigate potential risks proactively.

Bug Fixes and Enhancements

This month we have done several bug fixes and implemented enhancements to improve the overall functionality of Nuclei Templates. The following contributions from our community members have been instrumental in making these improvements:

  • Added SSH misconfiguration templates
  • Created issues to add support for recommended.yaml to run curated templates #8674
  • Template added for AWS services detection
  • Added HoneyPot detection templates in #8567
  • Removed req-condition and cookie-reuse from the templates as they are enabled by default now #8702
  • Fixed a few templates producing false positive and false negative results

Highlighted CVE Templates

Here are some notable CVEs included in this release:

βœ… CVE-2023-46604: Apache ActiveMQ Vulnerability

This critical unauthenticated deserialization vulnerability in Apache ActiveMQ's OpenWire transport connector allows for remote code execution. It has been widely exploited, with several malware strains disseminated using this method.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-34039: Aria Operations for Networks Authentication Bypass

This vulnerability arises from a lack of unique cryptographic key generation, enabling attackers to bypass SSH authentication and gain access to the CLI of Aria Operations for Networks.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-4911: GNU C Library Buffer Overflow

This high severity buffer overflow vulnerability in the GNU C Library's dynamic loader can allow local attackers to execute code with elevated privileges.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-43795: GeoServer SSRF Vulnerability

This vulnerability in GeoServer's OGC Web Processing Service allows for Server Side Request Forgery due to its method of processing information using GET and POST requests.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2022-35653: Moodle LTI Module Reflected XSS Issue

Identified in Moodle's LTI module, this reflected XSS issue stems from insufficient sanitization of user-supplied data.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-22518: Atlassian Confluence Data Center and Server Vulnerability

An improper authorization vulnerability in Confluence Data Center and Server that allows unauthenticated attackers to reset Confluence and create an admin account.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-20198: Cisco IOS XE Software Web UI Privilege Escalation

This privilege escalation vulnerability in Cisco IOS XE Software's web UI feature allows attackers to gain full administrative privileges and unauthorized system access.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2020-24701: OX App Suite XSS Vulnerability

A cross-site scripting vulnerability in OX App Suite, allowing XSS via the app loading mechanism.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-1719: Bitrix24 Global Variable Extraction

This vulnerability in Bitrix24 allows unauthenticated remote attackers to execute arbitrary JavaScript code in the victim's browser.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

βœ… CVE-2023-2640: Ubuntu Kernel OverlayFS Module Vulnerability

Identified in the Ubuntu kernel's OverlayFS module, this vulnerability allows unprivileged users to set privileged extended attributes on mounted files without proper security checks.
ProjectDiscovery Cloud Platform
Create, edit, generate, and scan templates using AI in one seamless experience with Nuclei.

Community Spotlight

We express our sincere appreciation to the community members, including our first-time contributors for their contributions to the Nuclei Templates project.


Join the Nuclei Templates community on Discord, where you can actively participate, collaborate, and share valuable insights.

Subscribe to our newsletter and stay updated.

Don't miss anything. Get all the latest posts delivered straight to your inbox. It's free!
Great! Check your inbox and click the link to confirm your subscription.
Error! Please enter a valid email address!
--