Lucene search
K

Apache NiFi Version Scanner

🗓️ 29 May 2023 19:52:02Reported by h00dieType 
metasploit
 metasploit
🔗 www.rapid7.com👁 307 Views

Apache NiFi Version Scanner module identifies and reports Apache NiFi website versions

Code
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::HttpClient
  include Msf::Auxiliary::Scanner
  include Msf::Exploit::Remote::HTTP::Nifi

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Apache NiFi Version Scanner',
        'Description' => %q{
          This module identifies Apache NiFi websites and reports their version number.

          Tested against NiFi major releases 1.14.0 - 1.21.0, and 1.11.0-1.13.0
          Also works against NiFi <= 1.13.0, but the module needs to be adjusted:
          set SSL false
          set rport 8080
        },
        'License' => MSF_LICENSE,
        'Author' => [
          'h00die',
        ],
        'Notes' => {
          'Stability' => [CRASH_SAFE],
          'Reliability' => [],
          'SideEffects' => []
        }
      )
    )
  end

  def run_host(ip)
    vprint_status("Checking #{ip}")
    version = get_version

    if version.nil?
      print_bad("Apache NiFi not detected on #{ip}")
      return
    end

    print_good("Apache NiFi #{version} found on #{ip}")
  end
end

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

10 Jul 2026 19:01Current
7.1High risk
Vulners AI Score7.1
307