github projectdiscovery/nuclei-templates v9.9.0
v9.9.0 - Kubernetes Cluster Security 🎉

3 days ago

🔥 Release Highlights 🔥

We are expanding the Nuclei Templates to include a specialized set of security checks dedicated to Kubernetes environments. This initiative will cover various Kubernetes components such as Pods, Deployments, StatefulSets, Services, and Network Policies. The new templates will focus on common misconfigurations, compliance issues, and adherence to industry best practices, using enhanced capabilities such as flow and the code and javascript protocols.

The addition of these Kubernetes-specific templates will enable security teams to perform in-depth security assessments of Kubernetes clusters, identifying critical misconfigurations and vulnerabilities. Additionally, this update will support customizable checks that align with unique operational needs, helping teams efficiently detect and address security gaps in their Kubernetes setups.

We invite contributors and reviewers to offer their insights and suggestions to refine and advance the development of these Kubernetes security templates. You can read more about it in this blog post.

Other Highlights

What's Changed

New Templates Added: 164 | CVEs Added: 41 | First-time contributions: 4

  • [CVE-2024-37393] SecurEnvoy Two Factor Authentication - LDAP Injection (s4e-garage) [critical]
  • [CVE-2024-36837] CRMEB v.5.2.2 - SQL Injection (@dhiyaneshdk) [high]
  • [CVE-2024-36527] Puppeteer Renderer - Directory Traversal (@Stux) [medium]
  • [CVE-2024-36412] SuiteCRM - SQL Injection (s4e-garage) [critical]
  • [CVE-2024-34982] LyLme-Spage - Arbitrary File Upload (@dhiyaneshdk) [high]
  • [CVE-2024-32113] Apache OFBiz Directory Traversal - Remote Code Execution (@dhiyaneshdk) [high] 🔥
  • [CVE-2024-31982] XWiki < 4.10.20 - Remote code execution (@ritikchaddha) [critical] 🔥
  • [CVE-2024-31750] F-logic DataCube3 - SQL Injection (@dhiyaneshdk) [high]
  • [CVE-2024-29973] Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection (@ritikchaddha) [critical] 🔥
  • [CVE-2024-29895] Cacti cmd_realtime.php - Command Injection (@pussycat0x) [critical] 🔥
  • [CVE-2024-29824] Ivanti EPM - Remote Code Execution (@dhiyaneshdk) [critical] 🔥
  • [CVE-2024-28995] SolarWinds Serv-U - Directory Traversal (@dhiyaneshdk) [high] 🔥
  • [CVE-2024-27718] Smart s200 Management Platform v.S200 - SQL Injection (@dhiyaneshdk) [high]
  • [CVE-2024-24565] CrateDB Database - Arbitrary File Read (@dhiyaneshdk) [medium]
  • [CVE-2024-24112] Exrick XMall - SQL Injection (@dhiyaneshdk) [critical]
  • [CVE-2024-23692] Rejetto HTTP File Server - Template injection (@johnk3r) [critical] 🔥
  • [CVE-2024-21650] XWiki < 4.10.20 - Remote code execution (@ritikchaddha) [critical]
  • [CVE-2024-4443] Business Directory Plugin <= 6.4.2 - SQL Injection (s4e-garage) [critical]
  • [CVE-2024-3922] Dokan Pro <= 3.10.3 - SQL Injection (s4e-garage) [critical]
  • [CVE-2024-3552] Web Directory Free < 1.7.0 - SQL Injection (s4e-garage) [critical]
  • [CVE-2024-3274] D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure (@dhiyaneshdk) [medium]
  • [CVE-2024-2621] Fujian Kelixin Communication - Command Injection (@dhiyaneshdk) [medium]
  • [CVE-2024-1728] Gradio > 4.19.1 UploadButton - Path Traversal (@isacaya) [high]
  • [CVE-2024-0939] Smart S210 Management Platform - Arbitrary File Upload (@dhiyaneshdk) [critical]
  • [CVE-2024-0250] Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect (s4e-garage) [medium]
  • [CVE-2023-51449] Gradio Hugging Face - Local File Inclusion (@nvn1729) [high] 🔥
  • [CVE-2023-50720] XWiki < 4.10.15 - Email Disclosure (@ritikchaddha) [medium]
  • [CVE-2023-50719] XWiki < 4.10.15 - Sensitive Information Disclosure (@ritikchaddha) [high] 🔥
  • [CVE-2023-48241] XWiki < 4.10.15 - Information Disclosure (@ritikchaddha) [high]
  • [CVE-2023-46732] XWiki < 14.10.14 - Cross-Site Scripting (@ritikchaddha) [medium]
  • [CVE-2023-45136] XWiki < 14.10.14 - Cross-Site Scripting (@ritikchaddha) [medium]
  • [CVE-2023-43472] MLFlow < 2.8.1 - Sensitive Information Disclosure (@ritikchaddha) [high] 🔥
  • [CVE-2023-38194] SuperWebMailer - Cross-Site Scripting (@ritikchaddha) [medium]
  • [CVE-2023-37645] EyouCms v1.6.3 - Information Disclosure (@pussycat0x) [medium]
  • [CVE-2023-32068] XWiki - Open Redirect (@ritikchaddha) [medium]
  • [CVE-2023-6786] Payment Gateway for Telcell < 2.0.4 - Open Redirect (s4e-garage) [medium]
  • [CVE-2023-6505] Prime Mover < 1.9.3 - Sensitive Data Exposure (s4e-garage) [high]
  • [CVE-2021-43831] Gradio < 2.5.0 - Arbitrary File Read (@isacaya) [high]
  • [CVE-2021-38147] Wipro Holmes Orchestrator 20.4.1 - Information Disclosure (s4e-garage) [high]
  • [CVE-2021-38146] Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download (s4e-garage) [high]
  • [CVE-2021-4436] 3DPrint Lite < 1.9.1.5 - Arbitrary File Upload (s4e-garage) [critical]
  • [sns-public-subscribe-access] Public Subscription Access of SNS Topics via Policy (@Ritesh_Gohil(#L4stPL4Y3R)) [high]
  • [k8s-cpu-limits-not-set] CPU limits not set in Deployments (@princechaddha) [medium]
  • [k8s-cpu-requests-not-set] CPU Requests not set in Deployments (@princechaddha) [medium]
  • [k8s-default-namespace-used] Default Namespace Usage in Deployments (@princechaddha) [high]
  • [k8s-host-ports-check] Host ports should not be used (@princechaddha) [medium]
  • [k8s-image-pull-policy-always] Image Pull Policy set to Always (@princechaddha) [low]
  • [k8s-image-tag-not-fixed] Image Tag should be fixed - not latest or blank (@princechaddha) [low]
  • [k8s-liveness-probe-not-configured] Liveness Probe Not Configured in Deployments (@princechaddha) [medium]
  • [k8s-memory-limits-not-set] Memory limits not set in Deployments (@princechaddha) [medium]
  • [k8s-memory-requests-not-set] Memory requests not set in Deployments (@princechaddha) [medium]
  • [minimize-added-capabilities] Minimize container added capabilities (@princechaddha) [high]
  • [k8s-privileged-containers] Privileged Containers Found in Deployments (@princechaddha) [critical]
  • [k8s-readiness-probe-not-set] Readiness Probes not set in Deployments (@princechaddha) [medium]
  • [k8s-root-container-admission] Minimize the admission of root containers (@princechaddha) [critical]
  • [k8s-seccomp-profile-set] Set appropriate seccomp profile (@princechaddha) [medium]
  • [kubernetes-code-env] Kubernetes Cluster Validation (@princechaddha) [info]
  • [k8s-netpol-egress-rules] Network policies define egress rules (@princechaddha) [medium]
  • [k8s-netpol-namespace] Network Policies specify namespace (@princechaddha) [medium]
  • [k8s-network-ingress-rules] Define network ingress rules (@princechaddha) [medium]
  • [k8s-allow-privilege-escalation-set] Containers run with allowPrivilegeEscalation enabled (@princechaddha) [critical]
  • [k8s-containers-share-host-ipc] Containers sharing host IPC namespace (@princechaddha) [critical]
  • [k8s-host-network-namespace-shared] Host Network Namespace Sharing (@princechaddha) [high]
  • [k8s-host-pid-namespace-sharing] Host PID Namespace Sharing (@princechaddha) [critical]
  • [k8s-readonly-fs] Enforce Read-Only Filesystem for Containers (@princechaddha) [critical]
  • [k8s-readonly-rootfs] Pods with read-only root filesystem (@princechaddha) [medium]
  • [k8s-root-user-id] Pods run with root user ID (@princechaddha) [low]
  • [audit-log-path-set] Ensure audit-log-path set (@princechaddha) [medium]
  • [k8s-enc-prov-conf] Ensure that encryption providers are configured (@princechaddha) [medium]
  • [k8s-etcd-cafile-set] Ensure etcd-cafile argument set (@princechaddha) [medium]
  • [k8s-etcd-files-set] Ensure etcd cert and key set (@princechaddha) [medium]
  • [k8s-ns-usage-check] Ensure namespaces are utilized (@princechaddha) [info]
  • [k8s-svc-acct-issuer-set] Checks if service-account-issuer is correctly configured (@princechaddha) [medium]
  • [k8s-svc-acct-key] Ensure service-account-key-file set (@princechaddha) [medium]
  • [k8s-svc-acct-lookup-set] Ensure service-account-lookup set (@princechaddha) [medium]
  • [k8s-tls-config-set] Ensure TLS config appropriately set (@princechaddha) [medium]
  • [time-based-sqli] Time-Based Blind SQL Injection (@0xKayala) [critical]
  • [anthem-deeppanda-malware-hash] Anthem DeepPanda Trojan Kakfum Malware Hash - Detect (@pussycat0x) [info]
  • [applejeus-malware-hash] AppleJeus Malware Hash - Detect (@pussycat0x) [info]
  • [avburner-malware-hash] AVBurner Malware Hash - Detect (@pussycat0x) [info]
  • [backwash-malware-hash] Backwash Malware Hash - Detect (@pussycat0x) [info]
  • [blackenergy-driver-amdide-hash] Blackenergy-Driver Amdide Hash - Detect (@pussycat0x) [info]
  • [blackenergy-driver-malware-hash] BlackEnergy Driver USBMDM Malware Hash - Detect (@pussycat0x) [info]
  • [blackenergy-killdisk-malware-hash] BlackEnergy KillDisk Malware Hash - Detect (@pussycat0x) [info]
  • [blackenergy-ssh-malware-hash] BlackEnergy BackdoorPass DropBear SSH Malware Hash - Detect (@pussycat0x) [info]
  • [blackenergy-vbs-malware-hash] BlackEnergy VBS Agent Malware Hash - Detect (@pussycat0x) [info]
  • [bluelight-malware-hash] bluelight Malware Hash - Detect (@pussycat0x) [info]
  • [bluetermite-emdivi-malware-hash] Bluetermite Emdivi Malware Hash - Detect (@pussycat0x) [info]
  • [bluetermite-emdivi-sfx-hash] Bluetermite Emdivi SFX Malware Hash - Detect (@pussycat0x) [info]
  • [charmingcypress-malware-hash] CharmingCypress Malware Hash - Detect (@pussycat0x) [info]
  • [cheshirecat-malware-hash] CheshireCat Malware Hash - Detect (@pussycat0x) [info]
  • [cloudduke-malware-hash] CloudDuke Malware Hash - Detect (@pussycat0x) [info]
  • [codoso-gh0st-malware] Codoso APT Gh0st Malware Hash - Detect (@pussycat0x) [info]
  • [codoso-malware-hash] Codoso APT Malware Hash - Detect (@pussycat0x) [info]
  • [codoso-pgv-malware-hash] Codoso APT PGV_PVID Malware Hash - Detect (@pussycat0x) [info]
  • [codoso-plugx-malware-hash] Codoso APT PlugX Malware Hash - Detect (@pussycat0x) [info]
  • [disgomoji-malware-hash] DISGOMOJI Malware Hash - Detect (@pussycat0x) [info]
  • [dubnium-malware-hash] Dubnium Malware Hash - Detect (@pussycat0x) [info]
  • [dubnium-sshopenssl-malware-hash] Dubnium Sample SSHOpenSSL Hash - Detect (@pussycat0x) [info]
  • [emissary-malware-hash] Emissary APT Malware Hash - Detect (@pussycat0x) [info]
  • [evilbamboo-malware-hash] EvilBamboo Malware Hash - Detect (@pussycat0x) [info]
  • [fakem-malware-hash] FakeM_Generic Malware Hash - Detect (@pussycat0x) [info]
  • [flipflop-ldr-malware-hash] Flipflop Loader Hash - Detect (@pussycat0x) [info]
  • [furtim-malware-hash] Furtim Malware Hash - Detect (@pussycat0x) [info]
  • [gimmick-malware-hash] GIMMICK Malware Hash - Detect (@pussycat0x) [info]
  • [godzilla-webshell-hash] Godzilla Webshell Hash - Detect (@pussycat0x) [info]
  • [greenbug-malware-hash] Greenbug Malware Hash - Detect (@pussycat0x) [info]
  • [ico-malware-hash] ICO Malware Hash - Detect (@pussycat0x) [info]
  • [industroyer-malware-hash] Industroyer Malware Hash - Detect (@pussycat0x) [info]
  • [ironpanda-htran-malware-hash] Iron Panda Malware Htran Hash - Detect (@pussycat0x) [info]
  • [ironpanda-dnstunclient-malware-hash] Iron Panda malware DnsTunClient Hash - Detect (@pussycat0x) [info]
  • [ironpanda-malware-hash] Iron Panda Malware Hash - Detect (@pussycat0x) [info]
  • [locky-ransomware-hash] Locky Ransomware Hash - Detect (@pussycat0x) [info]
  • [minidionis-readerview-malware-hash] MiniDionis Malware Hash - Detect (@pussycat0x) [info]
  • [minidionis-vbs-malware-hash] MiniDionis VBS Dropped File Hash - Detect (@pussycat0x) [info]
  • [naikon-apt-malware-hash] Backdoor Naikon APT Malware Hash - Detect (@pussycat0x) [info]
  • [neuron2-malware-hash] Neuron2 Loader Strings Turla APT loader Hash - Detect (@pussycat0x) [info]
  • [oilrig-malware-hash] OilRig Malware Campaign Gen1 Hash - Detect (@pussycat0x) [info]
  • [passcv-ntscan-malware-hash] PassCV Sabre Tool NTScan Malware Hash - Detect (@pussycat0x) [info]
  • [passcv-sabre-malware-hash] PassCV Sabre Malware Hash - Detect (@pussycat0x) [info]
  • [passcv-signingcert-malware-hash] PassCV Sabre Malware Signing Cert Hash - Detect (@pussycat0x) [info]
  • [petya-ransomware-hash] Petya Ransomware Hash - Detect (@pussycat0x) [info]
  • [poseidongroup-maldoc-malware-hash] Poseidon Group Malicious Word Document Hash - Detect (@pussycat0x) [info]
  • [poseidongroup-malware-hash] Poseidon Group Malware Hash - Detect (@pussycat0x) [info]
  • [powerstar-malware-hash] PowerStar Malware Hash - Detect (@pussycat0x) [info]
  • [purplewave-malware-hash] PurpleWave v1.0 Malware Hash - Detect (@pussycat0x) [info]
  • [red-leaves-malware-hash] Red Leaves Malware Hash - Detect (@pussycat0x) [info]
  • [regeorg-webshell-hash] ReGeorg Webshell Hash - Detect (@pussycat0x) [info]
  • [revil-ransomware-hash] Revil Ransomware Hash - Detect (@pussycat0x) [info]
  • [rokrat-malware-hash] ROKRAT Loader Malware Hash - Detect (@pussycat0x) [info]
  • [sauron-malware-hash] Sauron Malware Hash - Detect (@pussycat0x) [info]
  • [seaduke-malware-hash] SeaDuke Malware Hash - Detect (@pussycat0x) [info]
  • [sfx1-malware-hash] Malicious SFX1 Hash - Detect (@pussycat0x) [info]
  • [sfxrar-acrotray-malware-hash] SFXRAR Acrotray Malware Hash - Detect (@pussycat0x) [info]
  • [sharpext-malware-hash] Sharpext Malware Hash - Detect (@pussycat0x) [info]
  • [sofacy-winexe-malware-hash] Sofacy Group Winexe Tool Hash - Detect (@pussycat0x) [info]
  • [sofacy-bundestag-malware-hash] Sofacy Group Malware - Detect (@pussycat0x) [info]
  • [sofacy-fybis-malware-hash] Sofacy Fybis Linux Backdoor Hash - Detect (@pussycat0x) [info]
  • [tidepool-malware-hash] TidePool Malware Hash - Detect (@pussycat0x) [info]
  • [turla-malware-hash] Turla APT Malware - Detect (@pussycat0x) [info]
  • [unit78020-malware-hash] Unit 78020 Malware Hash - Detect (@pussycat0x) [info]
  • [upstyle-malware-hash] Upstyle Malware Hash - Detect (@Kazgangap) [info]
  • [wildneutron-malware-hash] WildNeutron APT Sample Hash - Detect (@pussycat0x) [info]
  • [mantisbt-anonymous-login] mantisbt - Anonymous Login (@pussycat0x) [medium]
  • [lorex-panel] Lorex Panel - Detect (@rxerium) [info]
  • [oracle-application-server-panel] Oracle Application Server Panel - Detect (@righettod) [info]
  • [trellix-panel] Trellix Login Panel (@johnk3r) [info]
  • [turnkey-lamp-panel] TurnKey LAMP Panel - Detect (@ritikchaddha) [info]
  • [veeam-backup-manager-login] Veeam Backup Enterprise Manager Login - Detect (@charles D) [info]
  • [wildix-collaboration-panel] Wildix Collaboration Panel - Detect (@rxerium) [info]
  • [apache-server-status-localhost] Server Status Disclosure (@pdteam, @geeknik, @NaN-KL) [low]
  • [cookies-without-secure] Cookies without Secure attribute - Detect (@vthiery) [info]
  • [apache-allura-detect] Apache Allura - Detection (@icarot) [info]
  • [nperf-server-detect] nPerf Server - Detect (@rxerium) [info]
  • [wordpress-copy-delete-posts] Duplicate Post Detection (@ricardomaia) [info]
  • [wordpress-image-optimization] Image Optimizer by Elementor (@ricardomaia) [info]
  • [wordpress-royal-elementor-addons] Royal Elementor Addons and Templates Detection (@ricardomaia) [info]
  • [wordpress-simple-history] Simple History – Track, Log, and Audit WordPress Changes Detection (@ricardomaia) [info]
  • [wordpress-sticky-header-effects-for-elementor] Sticky Header Effects for Elementor Detection (@ricardomaia) [info]
  • [wordpress-woocommerce-legacy-rest-api] WooCommerce Legacy REST API Detection (@ricardomaia) [info]
  • [gradio-lfi] Gradio 3.47 – 3.50.2 - Local File Inclusion (@nvn1729) [high]
  • [gradio-ssrf] Gradio 3.47 - 3.50.2 - Server-Side Request Forgery (@nvn1729) [high]
  • [fastadmin-lfi] Fastadmin framework - Arbitrary File Read (@Hel10-Web) [high]
  • [mikrotik-ssh-detect] MikroTik RouterOS SSH - Detect (@staticnoise) [info]

New Contributors

Full Changelog: v9.8.9...v9.9.0
