GitHub - r00tpgp/http-vuln-CVE-2019-16759: Nmap NSE Script to Detect vBulletin pre-auth 5.x RCE CVE-2019-16759

1 Branch 0 Tags

Name	Name	Last commit message	Last commit date
Latest commit r00tpgp Update and rename README.md to README Sep 26, 2019 52bae24 · Sep 26, 2019 History 3 Commits
README	README	Update and rename README.md to README	Sep 26, 2019
http-vuln-CVE-2019-16759.nse	http-vuln-CVE-2019-16759.nse	Create http-vuln-CVE-2019-16759 .nse	Sep 26, 2019

Repository files navigation

SUMMARY
-------
Simple NSE script to detect vBulletin 5.x 0day pre-auth RCE.
This should work on all versions from 5.0.0 till 5.5.4


INSTALLATION
------------

$ git clone https://github.com/r00tpgp/http-vuln-CVE-2019-16759
$ cd http-vuln-CVE-2019-16759/
$ sudo cp http-vuln-CVE-2019-16759.nse /usr/share/nmap/scripts/

USAGE
-----
$ sudo nmap --script http-vuln-CVE-2019-16759 -p 80 -sSV <target_ip_addr> 
Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-25 11:45 +08
Nmap scan report for <target_ip_addr>
Host is up (0.32s latency).

PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.4.39 ((Amazon) PHP/7.2.17)
|_http-server-header: Apache/2.4.39 (Amazon) PHP/7.2.17
| http-vuln-CVE-2019-16759: 
|   VULNERABLE:
|   vBulletin 5.x 0day pre-auth RCE exploit
|     State: VULNERABLE
|     IDs:  CVE:CVE-2019-16759
|       vBulletin 5.x 0day pre-auth RCE exploit
|       This should work on all versions from 5.0.0 till 5.5.4
|           
|     Disclosure date: 2019-09-23
|     References:
|       https://seclists.org/fulldisclosure/2019/Sep/31
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16759
|_      https://nvd.nist.gov/vuln/detail/CVE-2019-16759

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.73 seconds