PR
Add CVE-2019-3980 SolarWinds Dameware RCE detection template
projectdiscovery/nuclei-templates#14304
/claim #14297
Summary
Add TCP detection template for CVE-2019-3980 (SolarWinds Dameware Mini Remote Control RCE)
Verification
$ nuclei -t network/cves/2019/CVE-2019-3980.yaml -u 192.168.122.140:6129 -debug
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.5.1
projectdiscovery.io
[INF] Current nuclei version: v3.5.1 (outdated)
[INF] Current nuclei-templates version: v10.3.5 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 57
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] [CVE-2019-3980] Dumped Network request for 192.168.122.140:6129
00000000 30 11 00 00 00 00 00 00 00 00 00 00 00 00 28 40 |0.............(@|
00000010 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 03 00 00 00 |........| address=192.168.122.140:6129
[CVE-2019-3980:binary-1] [tcp] [critical] 192.168.122.140:6129
[DBG] [CVE-2019-3980] Dumped Network response for 192.168.122.140:6129
00000000 30 11 00 00 00 00 00 00 00 00 00 00 00 00 2c 40 |0.............,@|
00000010 00 00 00 00 00 00 00 00 03 00 00 00 01 00 00 00 |................|
00000020 00 00 00 00 1e 00 00 00 71 11 01 00 e0 34 00 00 |........q....4..|
00000030 31 00 32 00 2f 00 30 00 39 00 2f 00 32 00 35 00 |1.2./.0.9./.2.5.|
00000040 2d 00 30 00 31 00 3a 00 35 00 34 00 3a 00 35 00 |-.0.1.:.5.4.:.5.|
00000050 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |1...............|
00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000220 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000230 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000240 00 00 00 00 2f 4f c8 33 ff c3 bc b4 00 5b d9 a0 |..../O.3.....[..|
00000250 7f f4 92 14 a5 e3 0f 57 4b 47 0a ea 74 73 2d c2 |.......WKG..ts-.|
00000260 99 32 d3 98 75 6c 2b 64 4f 3e f5 57 49 4a 37 42 |.2..ul+dO>.WIJ7B|
00000270 9d 37 a1 d9 95 07 df e2 2f de 23 9b 58 7f 28 65 |.7....../.#.X.(e|
00000280 bc 52 d0 a6 42 b1 65 30 95 c1 b8 e7 63 c5 6b e5 |.R..B.e0....c.k.|
00000290 43 13 12 ee b1 a7 46 a9 77 a7 0d 96 e7 d7 1c d9 |C.....F.w.......|
000002a0 ef 2c a9 98 74 86 2d c6 bb 9a 76 6f c0 e2 71 10 |.,..t.-...vo..q.|
000002b0 3e 8e f1 f7 2a 12 98 99 d2 dc 8a 62 02 4b bc 92 |>...*......b.K..|
000002c0 bd e7 c4 6a 03 d4 33 5f 23 44 7e 71 e1 a5 d2 0e |...j..3_#D~q....|
000002d0 e4 64 03 26 8f f7 10 25 7b bf 0c 2d bd d2 4f 34 |.d.&...%{..-..O4|
000002e0 92 dd 26 1a ba fb c9 dd 42 e2 95 39 1b 2f 58 71 |..&.....B..9./Xq|
000002f0 8f 19 fb f1 0a f2 c6 1c 74 a9 7c 26 18 86 4c a9 |........t.|&..L.|
00000300 28 71 d8 e3 fd af c9 b2 9b c0 fb 43 f7 27 63 a8 |(q.........C.'c.|
00000310 7c 31 65 44 df 76 dc db a5 26 72 2a b5 a2 48 1e ||1eD.v...&r*..H.|
00000320 af 8a bd ed f1 b4 ba 95 5d 29 a3 6e ea ad a2 46 |........]).n...F|
00000330 3c bf c1 85 18 a2 c8 db 3c cd de 0b 70 81 de 51 |<.......<...p..Q|
00000340 7c a0 87 77 5a c4 7e 77 11 12 bf 2d 92 93 a7 8f ||..wZ.~w...-....|
00000350 87 c4 89 49 f0 9f b8 1c 47 de 83 03 4b 9c 57 b5 |...I....G...K.W.|
00000360 74 5a ce 15 50 e0 b0 86 fa 4c 8a de 34 59 ac 22 |tZ..P....L..4Y."|
00000370 3c 39 9d 54 b0 e8 40 19 83 6b 13 0b 1d b7 a1 a8 |<9.T..@..k......|
00000380 64 77 f4 ff 49 01 de 29 29 e5 b7 d2 a4 3f 51 a2 |dw..I..))....?Q.|
00000390 f2 8c 77 c5 09 d9 36 f4 60 e9 67 b9 39 b2 4e 8e |..w...6.`.g.9.N.|
000003a0 d1 b7 8d c0 04 0d 77 41 40 b3 48 9e 7b 3c d0 2d |......wA@.H.{<.-|
000003b0 f4 a7 26 6f 6b a7 3b e0 47 c4 3d d4 f1 29 80 f7 |..&ok.;.G.=..)..|
000003c0 03 79 fa e3 b0 a0 8f 6a 76 78 cc a8 94 35 cb ed |.y.....jvx...5..|
000003d0 53 a4 0e 0f df b7 d8 34 d5 0c 8f 36 38 47 8f 5e |S......4...68G.^|
000003e0 9a 43 da b3 2c 41 59 04 cc e9 bc b9 d8 36 55 9c |.C..,AY......6U.|
000003f0 31 56 c3 c5 9c 1d 4e 14 92 d8 5b e7 2f 8f 91 db |1V....N...[./...|
00000400 0f e2 58 1e 91 05 8d c2 6a 91 c8 1c 3b 9d ab d0 |..X.....j...;...|
00000410 e3 42 7a a1 ee be ca a5 59 b8 c1 2d 26 f1 2f e3 |.Bz.....Y..-&./.|
00000420 ff ae e7 0b be cf 06 71 c2 db df ba 63 9c 4e 6e |.......q....c.Nn|
00000430 4f 44 9d c3 9d 94 a8 66 31 97 41 f8 4f f2 4d 41 |OD.....f1.A.O.MA|
00000440 9c 7a 28 e0 32 6d d1 5f ab c0 27 61 fa 14 05 53 |.z(.2m._..'a...S|
00000450 c8 f0 62 53 d2 f4 02 ee eb 47 41 2e 7d 64 7e 8e |..bS.....GA.}d~.|
00000460 59 31 86 d8 85 0f 99 f3 bc 36 dc f2 96 ef 36 63 |Y1.......6....6c|
00000470 26 c8 a6 7f d0 3a 9c d6 44 54 c1 8d 6d f7 64 00 |&....:..DT..m.d.|
00000480 9f 46 10 a2 e1 15 6e 1e 1e 7b 5e f3 ce 43 eb b7 |.F....n..{^..C..|
00000490 06 20 bf 94 8c 22 20 32 2b c6 d2 75 a5 c4 f0 59 |. ..." 2+..u...Y|
000004a0 ff 7f 80 ef 25 09 10 df 06 d3 53 a5 35 1b 4e bf |....%.....S.5.N.|
000004b0 13 6d fd 47 b0 14 cd 5c ea 8b b1 5a 26 27 3a 0a |.m.G...\...Z&':.|
000004c0 6c c9 70 86 80 f9 1c 5b 35 85 24 e9 f1 20 37 84 |l.p....[5.$.. 7.|
000004d0 c3 f6 b2 b8 9d 02 a7 08 a5 43 cb 5c 7d e7 d8 1e |.........C.\}...|
000004e0 49 6c 73 af 6e c7 31 ee 11 11 f4 2b a4 cd 06 c0 |Ils.n.1....+....|
000004f0 ee e3 ca 22 06 fd 20 d9 16 57 a5 51 b7 fe e7 a7 |...".. ..W.Q....|
00000500 1e 3e b9 9e e3 9d 41 c3 b2 6b c9 5d 0a 47 b2 ed |.>....A..k.].G..|
00000510 3a da f6 bf b9 68 bf 57 bc 53 8f d2 35 0c 1c f3 |:....h.W.S..5...|
00000520 33 19 40 51 05 5b e6 ec a8 9c df fc 91 6b 4b a6 |3.@Q.[.......kK.|
00000530 70 13 d1 fc 71 f3 c9 43 19 70 57 7f e0 ea 65 af |p...q..C.pW...e.|
00000540 29 54 4c f3 11 8e b3 7a 67 26 0f 85 3c cb d9 b9 |)TL....zg&..<...|
00000550 4f dc 61 f3 93 90 d8 52 f3 15 b9 bf 1a 26 ad b4 |O.a....R.....&..|
00000560 44 7d 72 ca 06 aa 9a 1c c8 cb 50 50 b4 2e 38 d2 |D}r.......PP..8.|
00000570 a7 d0 2a f8 17 f2 12 fa e6 5b 99 27 fd cb a9 8a |..*......[.'....|
00000580 03 87 e2 bd 6d 01 e6 7d c2 f8 ac 0f f6 f7 5c 64 |....m..}......\d|
00000590 04 41 80 3f 7a 41 99 45 9e 20 5c 8c f0 f0 b5 e2 |.A.?zA.E. \.....|
000005a0 a2 46 8d 45 f7 b2 17 98 a1 60 86 fa 9f 39 29 45 |.F.E.....`...9)E|
000005b0 0b e1 b5 6d 08 a9 15 32 e5 c6 5c 51 4c 08 8d d3 |...m...2..\QL...|
000005c0 ea b5 57 43 00 3a 8c dc 6c e0 28 83 25 72 24 0e |..WC.:..l.(.%r$.|
000005d0 b5 70 53 67 4c d5 b6 7c c4 23 60 31 a8 af 95 89 |.pSgL..|.#`1....|
000005e0 98 87 ee a8 44 7e 5a 13 b1 4d 32 25 c8 5f c7 a1 |....D~Z..M2%._..|
000005f0 b3 67 c3 db 7e 63 3a 4f 29 ad c8 86 be 8d 55 c7 |.g..~c:O).....U.|
00000600 e7 47 a1 04 3d 68 8e 8d 6e fb bd ba 91 82 3d c7 |.G..=h..n.....=.|
00000610 d7 90 bc a2 d8 7f cd 72 01 cd 76 d0 64 44 51 bb |.......r..v.dDQ.|
00000620 47 ee e4 6a 42 b0 cd 37 d8 f6 be cc 87 3c 28 78 |G..jB..7.....<(x|
00000630 cb 43 eb 0b 5b 56 5a 80 db f1 29 3a 6d 77 d9 56 |.C..[VZ...):mw.V|
00000640 92 0b aa ff 66 17 73 c6 6a f6 0e 78 17 d3 56 d2 |....f.s.j..x..V.|
00000650 43 a0 8d 87 03 3e ac 07 25 60 f8 56 25 b7 ac 3b |C....>..%`.V%..;|
00000660 c5 8c 7a c0 6b 7c ec ea b6 0f 94 20 41 fe 7a 19 |..z.k|..... A.z.|
00000670 46 e4 a5 f0 ab d3 84 7d 73 d3 2b f8 a7 9c 7f 68 |F......}s.+....h|
00000680 c7 c9 09 98 0d ec 3c ac 2e a4 f2 fd 54 46 14 7c |......<.....TF.||
00000690 6c f4 62 ae 79 f5 e1 4f e6 b9 9f 24 61 8c f6 7a |l.b.y..O...$a..z|
000006a0 e1 c7 f0 05 f9 ac 09 f7 97 05 50 d2 22 7d cd 91 |..........P."}..|
000006b0 c0 37 c2 bb 7a 2c ed 97 12 6c c5 21 44 27 d8 18 |.7..z,...l.!D'..|
000006c0 2b 6b fe 63 ce fc a5 c0 2e 77 cc 87 3d 0b bc c5 |+k.c.....w..=...|
000006d0 ff 47 c5 c2 9a 0f 7a 7c 1b cc d6 f6 e7 29 7a 72 |.G....z|.....)zr|
000006e0 75 f6 3b 4c 41 a6 cf d0 41 24 87 e5 76 a8 a4 d9 |u.;LA...A$..v...|
000006f0 28 10 89 3c 5f 79 3d 3b 6c b6 fe 7e 77 ae 9c eb |(..<_y=;l..~w...|
00000700 6a db 61 83 6d cd 0c 6e 19 d3 dd 9b 00 7d 59 59 |j.a.m..n.....}YY|
00000710 7a c8 23 70 db 72 4c be 7d fb 1d 45 99 70 32 aa |z.#p.rL.}..E.p2.|
00000720 20 47 5e c1 5d d0 3e d2 a0 1e 55 0b 0b 9e c7 6a | G^.].>...U....j|
00000730 83 12 45 29 78 a3 b4 c6 d0 26 d3 18 4b d9 36 dc |..E)x....&..K.6.|
00000740 d4 c1 80 bb 00 1f 23 8c 56 c7 26 bf 67 8f 5e b7 |......#.V.&.g.^.|
00000750 13 f1 e2 74 e9 3b ab 65 4a 52 b6 94 58 7e 81 94 |...t.;.eJR..X~..|
00000760 c1 e8 a4 f5 36 e1 3d 35 ac 6b f0 f8 e8 84 a0 47 |....6.=5.k.....G|
00000770 a4 fa 39 89 69 a0 4c 31 f7 c3 5e b5 59 02 3b d5 |..9.i.L1..^.Y.;.|
00000780 8a 2a ba 2a 78 be fb 8a 59 48 e6 f2 84 3c 78 aa |.*.*x...YH...<x.|
00000790 f6 4d 08 a8 ac 0b 37 40 21 82 2b b8 02 48 fe b6 |.M....7@!.+..H..|
000007a0 67 ad 00 09 bf bb bb 16 4f 51 7c 66 c2 ab d6 18 |g.......OQ|f....|
000007b0 10 14 95 b8 e3 77 55 9b 80 12 aa 87 83 f9 5f 4f |.....wU......._O|
000007c0 5b 23 28 be d3 44 2f a3 7d 5b 72 b0 66 51 4b f5 |[#(..D/.}[r.fQK.|
000007d0 95 63 c5 cb b2 17 fc fa 61 ce b3 64 64 2f 6b 0a |.c......a..dd/k.|
000007e0 24 34 d5 03 a2 4f d0 55 ac 25 b3 dd 0e 28 2a 9f |$4...O.U.%...(*.|
000007f0 48 10 85 99 de 42 86 df cb f3 43 62 0a 6f e6 16 |H....B....Cb.o..|
00000800 0a 08 4f 64 12 c9 62 aa 9b 63 8a 74 28 c4 62 dc |..Od..b..c.t(.b.|
00000810 29 4d 73 e3 07 5f 14 59 4f a0 63 11 13 60 4c 44 |)Ms.._.YO.c..`LD|
00000820 bf ea a3 8c 28 0a c0 bd |....(...|
[INF] Scan completed in 1.15353982s. 1 matches found.
Matched bytes at offset 0x28: 71 11 01 00 = MSG_CLIENT_INFORMATION_V7 (0x00011171)
Test plan
- Syntax validation passes
- True positive: Dameware 12.1.0.89 on Windows VM
- False positive: Does not match SSH, HTTP, or closed ports
Claim
Total prize pool
$100
Total paid
$0
Status
Pending
Submitted
December 09, 2025
Last updated
December 09, 2025
Contributors
KR
KrE80r
@KrE80r
Sponsors
PR
ProjectDiscovery
@projectdiscovery
$100