Share
## https://sploitus.com/exploit?id=058488B1-BC7A-592A-A461-6DB017B50533
CVE-2021-3007 โ€” Laminas/Zend HTTP Deserialization RCE
====================================================

This repository contains a fully reproducible Proof-of-Concept and Nuclei exploit
template for CVE-2021-3007, a critical PHP deserialization vulnerability in
Zend\Http\Response\Stream (laminas-http  Nuclei exploit template
โ”œโ”€โ”€ docker-compose.yml     -> Vulnerable test environment
โ”œโ”€โ”€ Dockerfile
โ”œโ”€โ”€ vulnerable-app/
โ”‚   โ”œโ”€โ”€ index.php          -> unserialize() vulnerable endpoint
โ”‚   โ””โ”€โ”€ composer.json     -> vulnerable dependency
โ”œโ”€โ”€ exploit.php            -> Standalone exploit script
โ””โ”€โ”€ README.txt

---

Requirements
-------------
- Docker / Docker Compose
- Nuclei v3+

---

Run the PoC
-----------

1) Start vulnerable application

   docker-compose up -d

   Verify:
   curl http://127.0.0.1:8080

---

2) Manual exploit test (optional)

   docker exec -it cve-2021-3007-vulnerable php /var/www/html/exploit.php \
     http://localhost/index.php test.txt proof

---

3) Run Nuclei template and collect debug logs

   nuclei -u http://127.0.0.1:8080 \
     -t CVE-2021-3007.yaml \
     -debug -vv \
     -o nuclei-debug-CVE-2021-3007.log

   The debug log contains complete HTTP requests, payload data,
   and exploit verification responses.

---

Cleanup
-------

docker-compose down -v

---

Submission Notes
-----------------

This PoC satisfies the Nuclei Rewards Program requirements:

- Real exploit payload (not version detection)
- Multi-step exploitation flow
- Full -debug execution evidence
- Reproducible vulnerable Docker environment

Files for PR submission:

- CVE-2021-3007.yaml
- nuclei-debug-CVE-2021-3007.log
- Dockerfile
- docker-compose.yml

---

References
----------

- CVE-2021-3007 (NVD)
- Laminas Security Advisory LP-2021-01
- CheckPoint FreakOut botnet research
- VulnMachines PoC repository

---

Legal
-----

For educational and authorized security testing only.