Unauthorized-zookeeper #11076
Assignees
Labels
Status: In Progress
This issue is being worked on, and has someone assigned.
template-requests
Request for new Nuclei templates to be created
Comments
h1thub
added
the
template-requests
|
Hello @h1thub, thank you for your help in updating the template. We will review it and update you shortly. |
ritikchaddha
added
the
Status: In Progress
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing template for this?
Template requests
The existing exposed-zookeeper.yaml PoC only uses Zookeeper's four-letter commands to verify the existence of the vulnerability. However, this approach has a significant limitation: if the target Zookeeper instance employs a whitelist to restrict certain four-letter commands, it may lead to a situation where the unauthorized access vulnerability actually exists, but is not detected. Therefore, we are modifying the new PoC as follows, with the relevant details provided below.
https://github.com/h1thub/Unauthorized-zookeeper
Anything else?
No response
The text was updated successfully, but these errors were encountered: