Add CVE-2021-3007 - Laminas/Zend Framework Deserialization RCE

[KrE80r]

/claim #14236

PR Information

• Added CVE-2021-3007 - Laminas/Zend Framework Insecure Deserialization RCE
• References:
  • https://nvd.nist.gov/vuln/detail/CVE-2021-3007
  • https://www.ambionics.io/blog/zend-framework-deserialization

Template validation

• [x] Validated with a host running a vulnerable version and/or configuration (True Positive)
• [x] Validated with a host running a patched version and/or configuration (avoid False Positive)

Additional Details

Vulnerable Test Environment:

• Docker repo: https://github.com/KrE80r/cve-2021-3007-vulnerable
• One-command setup: docker-compose up -d

Template Features:

• Dual namespace support (Laminas + Zend)
• Multiple endpoint paths (/, /index.php)
• Multiple parameter names (data, payload)
• KEV flagged (FreakOut botnet)

Search Queries:

• Shodan: http.html:"laminas" || http.html:"zend"
• FOFA: body="laminas" || body="zend"
• PublicWWW: "laminas" || "zend framework"

Additional References:

• Nuclei Template Creation Guideline
• Nuclei Template Contribution Guideline