PR
Add CVE-2018-7841 U.motion Builder <=1.3.4 Remote Command Injection template
projectdiscovery/nuclei-templates#12852
/claim #12851
This PR adds a Nuclei template for CVE-2018-7841 affecting Schneider Electric U.motion Builder <= 1.3.4.
Vulnerability Details
- Type: Remote Command Injection
- Affected Product: Schneider Electric U.motion Builder
- Affected Versions: <= 1.3.4
- Description: The application contains a remote command injection vulnerability in
track_import_export.phpvia theobject_idparameter. This allows attackers to execute arbitrary system commands. - Severity: Critical
Detection Method
This template sends a crafted GET request to the vulnerable endpoint with a malicious object_id value to trigger command execution. The matcher looks for PING in the response body as evidence of successful command injection.
Proof of Concept (PoC) References
- https://packetstormsecurity.com/files/152862/Schneider-Electric-U.Motion-Builder-1.3.4-Command-Injection.html
- https://seclists.org/fulldisclosure/2019/May/26
Debug/Test Command
nuclei -t http/cves/2018/CVE-2018-7841-umotion-track-import-export-rce.yaml -u <target> -debug
<img width="1366" height="768" alt="Screenshot (384)" src="https://github.com/user-attachments/assets/07fdfb72-cb20-41e8-87d5-369e86d3968b" />
Claim
Total prize pool
$50
Total paid
$0
Status
Pending
Submitted
August 09, 2025
Last updated
August 09, 2025
Contributors
SR
sree chakra reddy
@sreechakrareddy-gmail-com
Sponsors
PR
ProjectDiscovery
@projectdiscovery
$50