Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added CVE-2024-24759 Template #11440

Merged
merged 2 commits into from
Jan 30, 2025
Merged

Added CVE-2024-24759 Template #11440

merged 2 commits into from
Jan 30, 2025
+60 −0

Conversation

eeche
Copy link
Contributor

@eeche eeche commented Jan 4, 2025
edited
Loading

Template / PR Information

Template Validation

I've validated this template locally?

  • YES
  • NO

Additional Details (leave it blank if not applicable)

Detects DNS rebinding vulnerability that allows bypass of SSRF protection.
The vulnerability exists in the URL validation mechanism where DNS resolution is performed without considering DNS rebinding attacks.

Additional References:

@eeche eeche force-pushed the CVE-2024-24759 branch 2 times, most recently from aaad149 to fbf2fdc Compare January 4, 2025 07:24
@jackhax
Copy link
Contributor

jackhax commented Jan 4, 2025

@eeche Thank you for your contribution! The template failed the weak-matcher-checks test. Please review and fix it. You can find more information about matchers here: Nuclei Templating Guide for matchers.

@eeche
Copy link
Contributor Author

eeche commented Jan 17, 2025

@eeche Thank you for your contribution! The template failed the weak-matcher-checks test. Please review and fix it. You can find more information about matchers here: Nuclei Templating Guide for matchers.

I fixed it!

@eeche eeche force-pushed the CVE-2024-24759 branch 2 times, most recently from 724bbdb to e70f641 Compare January 29, 2025 08:45
@eeche
Added CVE-2024-24759 Template
79031a9 
Fixed CVE-2024-24759 Template

Fixed CVE-2024-24759 Template

Fix impact, typo

Fixed CVE-2024-24759 Template

Updated CVE-2024-24759 Template

Enhance matcher checks

Edit typo
@eeche
Copy link
Contributor Author

eeche commented Jan 29, 2025

Hi @jackhax! I enhanced the template to make it better. Please review it again.

@ritikchaddha ritikchaddha self-assigned this Jan 30, 2025
@ritikchaddha ritikchaddha added the Done Ready to merge label Jan 30, 2025
@ritikchaddha
Copy link
Contributor

Hello @eeche, thank you so much for sharing this template with the community and contributing to this project 🍻

You can join our discord server. It's a great place to connect with fellow contributors and stay updated with the latest developments. Thank you once again.

@DhiyaneshGeek DhiyaneshGeek merged commit e8a41cd into projectdiscovery:main Jan 30, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DhiyaneshGeek DhiyaneshGeek DhiyaneshGeek approved these changes

Assignees

@ritikchaddha ritikchaddha

Labels
Done Ready to merge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@eeche @jackhax @ritikchaddha @DhiyaneshGeek