Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

A high-severity vulnerability, CVE-2024-43405, has been discovered in Nuclei, a widely-used open-source vulnerability scanner. The vulnerability allows attackers to bypass signature checks and potentially execute malicious code by exploiting parsing inconsistencies in the template signature verification process. This could lead to arbitrary command execution, data exfiltration, or system compromise if untrusted templates are used.