Nuclei template designed to detect Apache servers vulnerable to CVE-2024-38473. It first identifies servers running Apache < 2.4.60 with default PHP-FPM settings.
Then, it fuzzes for potential PHP files protected by ACLs that might be bypassed due to this vulnerability.
git clone https://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template
2. Navigate to the cloned repository directory:
cd CVE-2024-38473-Nuclei-Template
nuclei -t CVE-2024-38473.yaml -u http://example.com
nuclei -t CVE-2024-38473.yaml -l hosts.txt
nuclei -t CVE-2024-38473.yaml -u http://example.com/valid.php
To easily test the CVE-2024-38473 vulnerability, you can set up a vulnerable environment using Docker. Follow these steps to quickly verify the effectiveness of the Nuclei template:
sudo systemctl start docker
For more information click here.
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…