Seeyon WooYun - Local File Inclusion

By kannthu

High
Vidoc Module
#seeyon #wooyun #lfi #zhiyuan
Description

What is the "Seeyon WooYun - Local File Inclusion" module?

The "Seeyon WooYun - Local File Inclusion" module is designed to detect a vulnerability in the Seeyon WooYun software. This vulnerability allows remote attackers to include the content of locally stored files and disclose it back to the attacker through a technique called local file inclusion. The severity of this vulnerability is classified as high.

This module was authored by princechaddha.

Impact

If successfully exploited, this vulnerability can lead to the unauthorized disclosure of sensitive information stored on the server. Attackers can potentially access files that should not be publicly accessible, such as configuration files or user data.

How does the module work?

The "Seeyon WooYun - Local File Inclusion" module sends an HTTP GET request to the "/NCFindWeb?service=IPreAlertConfigService&filename=WEB-INF/web.xml" path. It then applies several matching conditions to determine if the vulnerability is present.

The matching conditions for this module are as follows:

- The response status code must be 200.
- The response body must contain the string "<servlet-name>NCInvokerServlet</servlet-name>".
- The response header must contain the string "application/xml".

If all of these conditions are met, the module reports the vulnerability.
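A defender-side counterpart to the check described above, as an added example that is not part of the Vidoc module: it scans web access logs for the request the module sends and uses the module's status-200 condition to separate probes from likely disclosures. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line and status code of a combined-format access log entry (format assumed).
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /NCFindWeb?service=IPreAlertConfigService'
    '&filename=WEB-INF/web.xml HTTP/1.1" 200 5120 "-" "scanner"',
    '192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /NCFindWeb?service=IPreAlertConfigService'
    '&filename=WEB-INF%2Fweb.xml HTTP/1.1" 404 312 "-" "scanner"',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /index.jsp HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

def classify(line):
    """Return None, 'probe' or 'likely-disclosure' for one access-log line."""
    m = LOG_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path != "/NCFindWeb":
        return None
    # parse_qs percent-decodes values, so an encoded filename is handled as well.
    params = parse_qs(url.query)
    if "IPreAlertConfigService" not in params.get("service", []):
        return None
    # Assumption: any filename passed to this service is worth flagging,
    # not only the WEB-INF/web.xml value the module itself requests.
    if not params.get("filename"):
        return None
    # The module requires status 200 to report; other codes are recorded as probes.
    return "likely-disclosure" if m.group("status") == "200" else "probe"

def scan(lines):
    """Return (client_ip, verdict) for every flagged line."""
    hits = []
    for line in lines:
        verdict = classify(line)
        if verdict:
            hits.append((line.split(" ", 1)[0], verdict))
    return hits

if __name__ == "__main__":
    for client, verdict in scan(SAMPLE_LOG):
        print(f"{client}\t{verdict}")
```

A "likely-disclosure" hit only means the server answered 200; confirming exposure still requires checking the response against the module's body and header conditions.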

Classification:

CWE-ID: CWE-22

CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS-Score: 7.5

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET /NCFindWeb?service=I...

Matching conditions

- status: 200 and
- word: <servlet-name>NCInvokerServlet</servlet-... and
- word: application/xml

Passive global matcher

No matching conditions.

On match action

Report vulnerability