.. / CVE-2020-10148

Exploit for SolarWinds Orion API - Auth Bypass (CVE-2020-10148)

Description:

SolarWinds Orion API is vulnerable to an authentication bypass vulnerability that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.

Nuclei Template

View the template here CVE-2020-10148.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-10148.yaml

References:

https://gist.github.com/0xsha/75616ef6f24067c4fb5b320c5dfa4965
https://twitter.com/0xsha/status/1343800953946787847
https://github.com/jaeles-project/jaeles-signatures/blob/master/cves/solarwinds-lfi-cve-2020-10148.yaml
https://kb.cert.org/vuls/id/843464
https://nvd.nist.gov/vuln/detail/CVE-2020-10148

.. / CVE-2020-10148 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for SolarWinds Orion API - Auth Bypass (CVE-2020-10148)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-10148