Skip to content
Nuclei Templates

Microsoft SQL Server Reporting Services - Remote Code Execution

ID: CVE-2020-0618

Severity: high

Author: joeldeleep

Tags: cve,cve2020,rce,packetstorm,microsoft,kev

Description

Section titled “Description”

Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests.

YAML Source

Section titled “YAML Source”
id: CVE-2020-0618


info:
  name: Microsoft SQL Server Reporting Services - Remote Code Execution
  author: joeldeleep
  severity: high
  description: Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
  remediation: |
    Apply the latest security updates provided by Microsoft to mitigate this vulnerability.
  reference:
    - https://www.mdsec.co.uk/2020/02/cve-2020-0618-rce-in-sql-server-reporting-services-ssrs/
    - https://github.com/euphrat1ca/CVE-2020-0618
    - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618
    - http://packetstormsecurity.com/files/156707/SQL-Server-Reporting-Services-SSRS-ViewState-Deserialization.html
    - https://nvd.nist.gov/vuln/detail/CVE-2020-0618
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2020-0618
    cwe-id: CWE-502
    epss-score: 0.97334
    epss-percentile: 0.99886
    cpe: cpe:2.3:a:microsoft:sql_server:2012:sp4:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: microsoft
    product: sql_server
  tags: cve,cve2020,rce,packetstorm,microsoft,kev


http:
  - method: GET
    path:
      - "{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "view report"


      - type: status
        status:
          - 200
# digest: 4a0a0047304502203185ffb78194221c9cfe7c3407eda7b26f72c0784330ae25de7497d011270194022100e8047aab505fa03fe7673012204c80bad84b85ebaddea25672ff00c7366fd92c:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2020/CVE-2020-0618.yaml"

View on Github