sardine-web/CVE-2024-36991

Path traversal vulnerability in Splunk Enterprise on Windows

CVE-2024-36991 Nuclei Template

Description

This repository contains a Nuclei template to detect the path traversal vulnerability in Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10. The vulnerability allows unauthorized access to sensitive files, such as /etc/passwd.

CVE Details

• CVE ID: CVE-2024-36991
• Vulnerability Type: Path Traversal
• Affected Software: Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10
• Author: Sardine Web
• Reference:
  • Twitter Author

Usage

Single Scan

To run a single scan using this template, use the following command:

nuclei -u https://target:9090 -t CVE-2024-36991.yaml

Disclaimer

This template is created for educational purposes only. Unauthorized use of this template on systems you do not own or have explicit permission to test is illegal and unethical. Use this tool responsibly and only on systems where you have permission to perform security testing.

License

This project is licensed under the MIT License.

Author: Sardine Web