
A vulnerability in Nuclei’s template signature verification system could have allowed attackers to execute arbitrary code.

 

January 6, 2025 By Ionut Arghire

 

A security defect in the Nuclei vulnerability scanner could have allowed threat actors to execute arbitrary code using custom code templates.

Nuclei is a highly popular vulnerability scanner that relies on simple YAML-based templates and can be used with a broad range of assets. It has more than 21,000 stars on GitHub and over 2.1 million downloads.

Tracked as CVE-2024-43405 (CVSS score of 7.8) and affecting Nuclei versions between 3.0.0 and 3.3.1, the code execution issue was identified in the template signature verification process.

“The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template,” a NIST advisory reads.
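
A defensive pre-check for the newline discrepancy and multiple-signature handling the advisory describes, added here as an illustration and not taken from Nuclei or the article. It assumes the signature is a `# digest:` comment line and that the verifier splits lines on LF only; `audit_template` and the sample templates are constructed for this example.

```python
import re

# Assumptions for this sketch (not stated on the page): the signature is a
# comment line of the form "# digest: <value>", and the verifier splits
# lines on LF only, while the YAML parser also ends a line at CR or CRLF.
DIGEST = re.compile(rb"#\s*digest:\s*\S+", re.IGNORECASE)
YAML_BREAK = re.compile(rb"\r\n|\r|\n")


def audit_template(data: bytes) -> list[str]:
    """Return findings that make a signed template unsafe to trust."""
    findings = []

    # A CR not followed by LF is a line break to YAML but not to an
    # LF-only line splitter: the two components disagree about the file.
    if re.search(rb"\r(?!\n)", data):
        findings.append("bare-cr")

    # More than one signature line leaves it ambiguous which one is checked.
    yaml_lines = [ln.lstrip() for ln in YAML_BREAK.split(data)]
    if sum(1 for ln in yaml_lines if DIGEST.match(ln)) > 1:
        findings.append("multiple-digests")

    # Text that the LF view files under a comment but YAML parses as content.
    for line in data.split(b"\n"):
        if not line.lstrip().startswith(b"#"):
            continue
        tail = [seg.strip() for seg in YAML_BREAK.split(line)[1:]]
        if any(seg and not seg.startswith(b"#") for seg in tail):
            findings.append("content-in-comment")
            break
    return findings


# Constructed samples; digest values are placeholders, not real signatures.
CLEAN = b"id: demo\ninfo:\n  name: demo\n# digest: aaaa:bbbb\n"
CLEAN_CRLF = CLEAN.replace(b"\n", b"\r\n")
SUSPECT = (b"id: demo\ninfo:\n  name: demo\n"
           b"# digest: cccc:dddd\rnote: extra\n# digest: aaaa:bbbb\n")

if __name__ == "__main__":
    for name, blob in [("clean", CLEAN), ("crlf", CLEAN_CRLF), ("suspect", SUSPECT)]:
        print(name, audit_template(blob) or "ok")
```

Running a check like this over third-party templates before they reach the scanner rejects files on which the two line-break interpretations disagree, regardless of whether the signature itself verifies.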

 
