Finding Templates

Operations done on Finding Templates

Base URL

https://app.pentest-tools.com/api/v2

Authorization

Use the "API key" from the profile page as the token

Endpoints

GET/public/finding_templates

Method: get
Path: /public/finding_templates

Get all finding templates

Query parameters

Property: vuln_id_type
Type: string

The vuln_id type of the vulnerability (e.g. "NETSCAN", "WEBSCAN")

Property: has_ptt_exploit
Type: boolean

Only show vulnerabilities which have/don"t have exploit capabilities. Setting this to false will only show vulnerabilities without any capabilities.

Property: limit
Type: integer

the maximum number of templates to return

Property: offset
Type: integer

the offset to start returning templates from. This does not work without the limit parameter

Responses

400Invalid parameters

500Internal server error

Request

GET

/public/finding_templates

curl --request GET \
  --url https://app.pentest-tools.com/api/v2/public/finding_templates \
  --header 'accept: application/json' \
  --header 'authorization: Bearer {token}'

Response

[
  {
    "name": "OS Command Injection",
    "software_type": "Web Server",
    "vendor": "Microsoft",
    "product": "Laravel",
    "date": "2020-12-25T00:00:00.000Z",
    "codename": "OMIGOD",
    "vuln_description": "We found that the target F5 BIG-IP server is vulnerable to CVE-2020-5902, a Remote Code Execution vulnerability, affecting the Traffic Management User Interface (TMUI) component, which is publicly accessible.\\nThe root cause of this vulnerability consists in a broken parser logic in the Tomcat endpoint. This allows an unauthenticated malicious attacker to access any file stored on the server.\\nWe have detected this by sending a HTTP GET request to the tmui endpoint, containing the /etc/passwd file, and looking for the output of the file in the response.",
    "public_vuln_description": "F5 BIG-IP server is affected by a Remote Code Execution vulnerability, located in the Traffic Management User Interface (TMUI) component, which is publicly accessible.\\nThe root cause of this vulnerability consists in a broken parser logic in the Tomcat endpoint.\\nThis allows an unauthenticated malicious attacker to access any file stored on the server or to execute arbitrary commands on the server.",
    "risk_description": "The risk exists that a remote unauthenticated attacker can fully compromise the F5 BIG-IP server in order to steal confidential information, install ransomware or pivot to the internal network.",
    "recommendation": "We recommend upgrading your F5 BIG-IP server to the latest version.",
    "public_recommendation": "Upgrade F5 BIG-IP server to the latest version or to a non-vulnerable version listed in K52145254.",
    "references": "<a href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902\" target=\"_blank\">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5902</a><br><a href=\"https://pentest-tools.com/blog/big-ip-tmui-rce/\" target=\"_blank\">https://pentest-tools.com/blog/big-ip-tmui-rce/</a><br><a href=\"https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/\" target=\"_blank\">https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller/</a><br><a href=\"https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/\" target=\"_blank\">https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/</a>",
    "cve": [
      "CVE-2021-26855",
      "CVE-2021-27065"
    ],
    "ptt_exploit_capabilities": [
      "RCE",
      "File Read"
    ],
    "vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
    "in_cisa_catalog": true,
    "published": "2021-08-04T00:00:00.000Z",
    "updated": "2022-05-25T00:00:00.000Z"
  }
]