CVE-2024-40641

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-40641
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40641.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-40641
Aliases
Published
2024-07-17T17:34:10.792Z
Modified
2026-03-12T06:17:11.978863Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N CVSS Calculator
Summary
Unsigned code template execution through workflows in projectdiscovery/nuclei
Details

Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Database specific 
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-78"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40641.json"
}
References

Affected packages

Git / github.com/projectdiscovery/nuclei

Affected ranges

Type
GIT
Repo
https://github.com/projectdiscovery/nuclei
Events
Introduced
990cec0de154bd3955e0c1e19951f90e06f6ea7c
Fixed
bac917428bcc19e1a3264cce1d467b4776530860
Database specific 
{
    "versions": [
        {
            "introduced": "3.0.0"
        },
        {
            "fixed": "3.3.0"
        }
    ]
}

Affected versions

v3.*
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.1.0
v3.1.1
v3.1.10
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.2.6
v3.2.7
v3.2.8
v3.2.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40641.json"