Popular open-source vulnerability scanner Nuclei has been impacted by a now-addressed high-severity security issue, tracked as CVE-2024-43405, which could be leveraged to facilitate signature check evasion and malicious code execution, according to The Hacker News.Such a flaw stems from Nuclei's template signature verification process, with the simultaneous usage of regular expressions, or regex, and YAML parser potentially resulting in the introduction of a "\r" character read as a line break and leading to the circumvention of regex-based signature verification, a report from Wiz revealed. Further examination showed the inclusion of a signature line-excluding step in the verification process that enables the execution of unverified lines in a scanned template. "Attackers could craft malicious templates containing manipulated # digest lines or carefully placed \r line breaks to bypass Nuclei's signature verification. An attack vector for this vulnerability arises when organizations run untrusted or community-contributed templates without proper validation or isolation," said Wiz researcher Guy Goldenberg.
Vulnerability Management
High-severity Nuclei signature verification bypass issue examined

Adobe Stock
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



