Finding Templates
Operations done on Finding Templates
Base URL
https://app.pentest-tools.com/api/v2
Authorization
Use the "API key" from the profile page as the token
Endpoints
- Method
- get
- Path
- /public/finding_templates
Query parameters
- Property
- vuln_id_type
- Type
- string
The vuln_id type of the vulnerability (e.g. "NETSCAN", "WEBSCAN")
- Property
- has_ptt_exploit
- Type
- boolean
Only show vulnerabilities which have/don"t have exploit capabilities. Setting this to false
will only show vulnerabilities without any capabilities.
- Property
- limit
- Type
- integer
the maximum number of templates to return
- Property
- offset
- Type
- integer
the offset to start returning templates from. This does not work without the limit
parameter
Responses
400Invalid parameters
500Internal server error
Request
GET
/public/finding_templatescurl --request GET \
--url https://app.pentest-tools.com/api/v2/public/finding_templates \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'
Response
[
{
"name": "OS Command Injection",
"software_type": "Web Server",
"vendor": "Microsoft",
"product": "Laravel",
"date": "2020-12-25T00:00:00.000Z",
"codename": "OMIGOD",
"vuln_description": "We found that the target F5 BIG-IP server is vulnerable to CVE-2020-5902, a Remote Code Execution vulnerability, affecting the Traffic Management User Interface (TMUI) component, which is publicly accessible.\\nThe root cause of this vulnerability consists in a broken parser logic in the Tomcat endpoint. This allows an unauthenticated malicious attacker to access any file stored on the server.\\nWe have detected this by sending a HTTP GET request to the tmui endpoint, containing the /etc/passwd file, and looking for the output of the file in the response.",
"public_vuln_description": "F5 BIG-IP server is affected by a Remote Code Execution vulnerability, located in the Traffic Management User Interface (TMUI) component, which is publicly accessible.\\nThe root cause of this vulnerability consists in a broken parser logic in the Tomcat endpoint.\\nThis allows an unauthenticated malicious attacker to access any file stored on the server or to execute arbitrary commands on the server.",
"risk_description": "The risk exists that a remote unauthenticated attacker can fully compromise the F5 BIG-IP server in order to steal confidential information, install ransomware or pivot to the internal network.",
"recommendation": "We recommend upgrading your F5 BIG-IP server to the latest version.",
"public_recommendation": "Upgrade F5 BIG-IP server to the latest version or to a non-vulnerable version listed in K52145254.",
"references": "<a href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902\" target=\"_blank\">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902</a><br><a href=\"https://pentest-tools.com/blog/big-ip-tmui-rce/\" target=\"_blank\">https://pentest-tools.com/blog/big-ip-tmui-rce/</a><br><a href=\"https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/\" target=\"_blank\">https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/</a><br><a href=\"https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/\" target=\"_blank\">https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/</a>",
"cve": [
"CVE-2021-26855",
"CVE-2021-27065"
],
"ptt_exploit_capabilities": [
"RCE",
"File Read"
],
"vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
"in_cisa_catalog": true,
"published": "2021-08-04T00:00:00.000Z",
"updated": "2022-05-25T00:00:00.000Z"
}
]
OK