Imcat 4.4 - Phpinfo Configuration
ID: CVE-2018-20608
Severity: high
Author: ritikchaddha
Tags: cve2018,cve,imcat,phpinfo,config,txjia
Description
Section titled “Description”Imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI.
YAML Source
Section titled “YAML Source”id: CVE-2018-20608
info: name: Imcat 4.4 - Phpinfo Configuration author: ritikchaddha severity: high description: Imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. impact: | The vulnerability can lead to the exposure of sensitive information, such as server configuration details. remediation: | Update Imcat to the latest version or apply the necessary patches to fix the Phpinfo Configuration vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2018-20608 - https://github.com/SexyBeast233/SecBooks classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-20608 cwe-id: CWE-200 epss-score: 0.0111 epss-percentile: 0.84208 cpe: cpe:2.3:a:txjia:imcat:4.4:*:*:*:*:*:*:* metadata: max-request: 1 vendor: txjia product: imcat tags: cve2018,cve,imcat,phpinfo,config,txjia
http: - method: GET path: - "{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"
matchers-condition: and matchers: - type: word words: - "PHP Extension" - "PHP Version" condition: and
- type: status status: - 200
extractors: - type: regex group: 1 regex: - '>PHP Version <\/td><td class="v">([0-9.]+)' part: body# digest: 490a0046304402205f4ab4b66b3e815c888a2bf2651289912c4c94c2633766fde42a6de1412b307d02201be0593a56938cbca3985d94ed57a96f1e00aa30b125cf64fefe42d6bf79925f:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-20608.yaml"