SUMMARY ------- Simple NSE script to detect vBulletin 5.x 0day pre-auth RCE. This should work on all versions from 5.0.0 till 5.5.4 INSTALLATION ------------ $ git clone https://github.com/r00tpgp/http-vuln-CVE-2019-16759 $ cd http-vuln-CVE-2019-16759/ $ sudo cp http-vuln-CVE-2019-16759.nse /usr/share/nmap/scripts/ USAGE ----- $ sudo nmap --script http-vuln-CVE-2019-16759 -p 80 -sSV <target_ip_addr> Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-25 11:45 +08 Nmap scan report for <target_ip_addr> Host is up (0.32s latency). PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.39 ((Amazon) PHP/7.2.17) |_http-server-header: Apache/2.4.39 (Amazon) PHP/7.2.17 | http-vuln-CVE-2019-16759: | VULNERABLE: | vBulletin 5.x 0day pre-auth RCE exploit | State: VULNERABLE | IDs: CVE:CVE-2019-16759 | vBulletin 5.x 0day pre-auth RCE exploit | This should work on all versions from 5.0.0 till 5.5.4 | | Disclosure date: 2019-09-23 | References: | https://seclists.org/fulldisclosure/2019/Sep/31 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16759 |_ https://nvd.nist.gov/vuln/detail/CVE-2019-16759 Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 12.73 seconds