Comments (7)
Hi @frkngksl,
We already have a plugin that detects CVE-2023-1177 which seems to be the previous version of that vulnerability. Could you:
- Confirm that our understanding is correct (CVE-2023-6977 is a bypass of the mitigation implemented for CVE-2023-1177);
- Perform the modification directly to the existing plugin as it looks like this version encompass the previous one as well.
- Change the README accordingly to mention that this covers both vulnerabilities
Let me know if you are interested. This would qualify for a slightly lower bounty though.
Cheers,
~tooryx
from tsunami-security-scanner-plugins.
Hi @tooryx,
I could implement and compine it with the existing plugin, but I applied for #429 . Since you said that this PRP is lower bounty, could I take these two together?
from tsunami-security-scanner-plugins.
Hi @frkngksl,
I did not really track the status of #429, so I do not know who it will be assigned to.
But you can start working on this one, given its size, it should be fairly quick.
Cheers,
~tooryx
from tsunami-security-scanner-plugins.
Okay then, I will start with this one. Will you send me a submission link to track the progress?
from tsunami-security-scanner-plugins.
Please submit our participation form and you can start working on the development.
Thanks!
~tooryx
from tsunami-security-scanner-plugins.
Hi @tooryx , Do you want me to also add CVE-2023-2780 ? As far as I understand from the first glance, it is another bypass for CVE-2023-1177. It can be thought as the same category with the CVE-2023-6977. Maybe it might help to increase the bounty amount too?
Ref: https://huntr.com/bounties/b12b0073-0bb0-4bd1-8fc2-ec7f17fd7689
from tsunami-security-scanner-plugins.
Hi @tooryx, I have one more question. In terms of modifying the plugin, do you expect that this plugin will create three (if you accept the above one) different detection reports that state CVEs seperately? Or should I just add these three different types of LFI methods and return the current report (CVE-2023-1177, current version of the code) for all of them (not mentioning their CVEs specifically)? I'm a bit confused because all mentioned CVEs have three HTTP requests, and only the first ones are the same.
Also, it should be noted that one version of Mlflow can be vulnerable to three assigned vulnerabilities at the same time. Tested and observed with version 2.1.0.
Therefore, I'm not sure how to edit the following code block for multiple CVEs according to your standarts
@Override
public DetectionReportList detect(
TargetInfo targetInfo, ImmutableList<NetworkService> matchedServices) {
logger.atInfo().log("CVE-2023-1177 starts detecting.");
return DetectionReportList.newBuilder()
.addAllDetectionReports(
matchedServices.stream()
.filter(NetworkServiceUtils::isWebService)
.filter(this::isServiceVulnerable)
.map(networkService -> buildDetectionReport(targetInfo, networkService))
.collect(toImmutableList()))
.build();
}
from tsunami-security-scanner-plugins.
Related Issues (20)
- AI PRP: Weak credential tester for jupyter lab/notebook through Jupyterhub
- PRP: Request Adobe Commerce RCE(CVE-2024-20720) HOT 2
- AI PRP: prestodb exposed UI and APIs
- AI PRP: clickhouse exposed API with weak/default credentials HOT 2
- Spring Boot H2 Database - Remote Command Execution
- CVE-2024-28255 - OpenMetaData RCE
- PRP: PAN-OS Firewall RCE HOT 1
- PRP: Adobe ColdFusion - CVE-2023-26360 HOT 1
- AI PRP: CVE-2023-48022 - Ray RCE HOT 1
- AI PRP: argo rollouts
- AI PRP: argo events
- AI PRP: Minio Weak credentials tester HOT 3
- PRP: Unauthenticated Mongodb server
- PRP: Exposed Docker daemon Remote Access HOT 6
- PRP: Exposed Android Debug Bridge
- AI PRP: BentoML Insecure Deserialization RCE HOT 6
- AI PRP: Gardio Arbitrary File Read CVE-2024-1561
- AI PRP: Apache Flink exposed UI
- AI PRP: New Web Fingerprint for Open-WebUI (Ollama WebUI) HOT 1
- AI PRP: Mindsdb weak credential
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tsunami-security-scanner-plugins.