Linux NFS Service Daemon Should Be Disabled

漏洞信息

漏洞名称: Linux NFS Service Daemon Should Be Disabled

漏洞类型: 配置问题

漏洞等级: 高危

漏洞描述: 该漏洞涉及Linux操作系统中的NFS(网络文件系统)服务配置问题。NFS服务允许在网络上共享文件系统,但如果配置不当或未禁用,可能会被未授权用户利用来访问、修改或删除系统文件。此漏洞的技术根源在于NFS服务的不当配置,即服务在不需要时仍保持运行状态,从而暴露了系统文件给潜在的攻击者。由于NFS服务在Linux系统中广泛使用,尤其是在需要文件共享的企业环境中,这一配置问题的影响范围较广。攻击者无需认证即可利用此漏洞,可能导致严重的信息泄露、数据篡改或服务中断。因此,建议在不明确需要NFS服务的情况下,确保其被禁用,以减少潜在的安全风险。

产品名称: Linux NFS Service

来源: https://github.com/projectdiscovery/nuclei-templates/blob/dfc176303ffebe3d9f231045fa3abe2cf2ca9874/misconfiguration%2Flinux%2Flinux-nfs-service-disabled.yaml

类型: projectdiscovery/nuclei-templates:github issues

POC详情

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

id: linux-nfs-service-disabled

info:
  name: NFS Service Daemon Should Be Disabled
  author: songyaeji
  severity: high
  description: >
    If the NFS service is running, unauthorized users may exploit it to access, modify, or delete system files.
    It is recommended to ensure the NFS daemon is disabled when not explicitly required.
  reference:
    - https://isms.kisa.or.kr
    - Cloud Vulnerability Assessment Guide(2024) by KISA
  tags: linux,nfs,misconfiguration,daemon
  metadata:
    verified: true
    os: linux
    max-request: 1
  classification:
    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 7.8
    cwe-id: CWE-284

self-contained: true

code:
  - engine:
      - bash
    source: |
      if ps -ef | grep -v grep | grep -q nfsd; then
        echo "[VULNERABLE] NFS service is active (nfsd is running)"
      else
        echo "[SAFE] NFS service is not running"
      fi
    matchers:
      - type: word
        part: code_1_response
        words:
          - "[VULNERABLE]"

Github Poc
#projectdiscovery/nuclei-templates:github issues #配置问题
Linux NFS Service Daemon Should Be Disabled
http://example.com/2025/07/31/github_712770384/
作者
lianccc
发布于
2025年7月31日
许可协议