This month, we’ve released multiple versions of Nuclei Templates that bring numerous enhancements to Nuclei users.
Here are some highlighted stats from the combined releases:
🎉 316 New Templates added
🚀 14 First-time contributions
🔥 158 New CVEs added
Welcome to the October 2023 edition of Nuclei Templates Monthly Release. The cyber landscape continues to evolve with new, significant CVEs making waves in the community. This month, we’re spotlighting a range of serious vulnerabilities including:
- F5 BIG-IP’s Unauthenticated RCE via AJP Smuggling
- NextGen Mirth Connect’s Remote Code Execution
- Viessmann Vitogate 300’s Remote Code Execution
- Citrix Bleed leading to Leaking Session Tokens
- JetBrains TeamCity < 2023.05.4 - Remote Code Execution
- Sitecore – Remote Code Execution
- Microsoft SharePoint – Authentication Bypass
- Atlassian Confluence – Privilege Escalation
These CVEs have garnered substantial attention due to their potential impact on network security and data integrity. For instance, the unauthenticated RCE in F5 BIG-IP systems could provide attackers with unauthorized access to sensitive systems. The discoveries highlight the ever-urgent need for robust security measures and continuous vigilance in the face of evolving cyber threats. Our latest releases encapsulate these, along with other notable CVEs, furnishing the security community with vital tools to tackle these looming threats head-on.
New Templates Added
We are excited to announce the addition of 255 new templates to the Nuclei Templates project. These templates cover a wide range of security checks, from trending CVEs to templates for newly supported protocols in Nuclei v3, empowering you to identify potential vulnerabilities efficiently. The contributions from our dedicated community have been immeasurably valuable in expanding the breadth of Nuclei’s capabilities, and we extend our gratitude to all those involved.
New CVEs Added
This month we have added 158 🔥 new CVEs, ensuring you remain current with the latest security vulnerabilities. By including these CVEs in the Nuclei Templates, we aim to provide you with the necessary tools to detect and mitigate potential risks proactively.
Bug Fixes and Enhancements
This month we have done several bug fixes and implemented enhancements to improve the overall functionality of Nuclei Templates. The following contributions from our community members have been instrumental in making these improvements:
- 16 new Log4j templates were added by Shaikh Yaser
- The remediation, EPSS, product, vendor, and other metadata details have been updated on the CVE templates
- All templates have been signed to ensure the integrity and authenticity of Nuclei templates. You can read more about it here.
- 10 templates have been updated to fix false negatives and positives.
Highlighted CVE Templates
✅ CVE-2023-46747: F5 BIG-IP – Unauthenticated RCE via AJP Smuggling
F5 BIG-IP is vulnerable to an unauthenticated remote code execution via AJP Smuggling which allows an attacker to execute arbitrary system commands.
✅ CVE-2023-45852: Viessmann Vitogate 300 – Remote Code Execution
Viessmann Vitogate 300 has a vulnerability where an unauthenticated attacker can bypass authentication and execute arbitrary commands.
✅ CVE-2023-4966: Citrix Bleed – Leaking Session Tokens
Termed as “Citrix Bleed”, this vulnerability in Citrix NetScaler ADC and NetScaler Gateway leads to information disclosure allowing an unauthenticated attacker to hijack an existing authenticated session.
✅ CVE-2023-42793: JetBrains TeamCity < 2023.05.4 - Remote Code Execution
JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
✅ CVE-2023-35813: Sitecore – Remote Code Execution
Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3
✅ CVE-2023-29357: Microsoft SharePoint – Auth Bypass
Microsoft SharePoint Server Elevation of Privilege Vulnerability
✅ ServiceNow Widget-Simple-List – Misconfiguration
This template highlights a misconfiguration vulnerability in ServiceNow Widget-Simple-List which can potentially lead to unauthorized access or data exposure.
✅ CVE-2023-22515 – Atlassian Confluence – Privilege Escalation
Atlassian Confluence Data Center and Server contains a privilege escalation vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.
✅ CVE-2023-37979 – Ninja Forms < 3.6.26 - Cross-Site Scripting
Ninja Forms has a Cross-Site Scripting (XSS) vulnerability in versions before 3.6.26 which could allow attackers to inject malicious scripts into web pages viewed by other users.
✅ CVE-2021-25016: Chaty < 2.8.2 - Cross-Site Scripting
Chaty has a Cross-Site Scripting (XSS) vulnerability in versions before 2.8.2 which could potentially allow attackers to inject malicious scripts.
✅ CVE-2020-6950: Eclipse Mojarra – Local File Read
Eclipse Mojarra has a vulnerability that allows local file read, potentially allowing attackers to read sensitive files on the server.
✅ CVE-2023-4451: Cockpit – Cross-Site Scripting
Cockpit has a Cross-Site Scripting (XSS) vulnerability which could potentially allow attackers to inject malicious scripts.
✅ CVE-2023-3710: Honeywell PM43 Printers – Command Injection
Honeywell PM43 Printers are vulnerable to a command injection attack, which could allow attackers to execute arbitrary commands.
✅ CVE-2023-3219: EventON Lite < 2.1.2 - Arbitrary File Download
EventON Lite has a vulnerability that allows arbitrary file download in versions before 2.1.2, which could potentially lead to information disclosure.
We express our sincere appreciation to the community members, including our first-time contributors for their contributions to the Nuclei Templates project.
News, Upcoming Features & Roadmap
The Nuclei v3 release benefits template writers through its new Flow Template Engine, allowing for more complex workflows, and the Template Signing & Verification feature, ensuring the integrity and authenticity of templates. Additionally, the revamped SDK-4-ALL provides a more robust toolkit for template development. You can read more about it here.
Join the Nuclei Templates community on Discord, where you can actively participate, collaborate, and share valuable insights. Feel free to join the Discord server if you have any questions or suggestions for further improving Nuclei Templates.