From 53c25ddaef9483171b1ad484724b92e984ba4faf Mon Sep 17 00:00:00 2001 From: j4vaovo <128683738+j4vaovo@users.noreply.github.com> Date: Fri, 31 Mar 2023 14:30:50 +0800 Subject: [PATCH 1/2] Update CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index 0e98b5bef4..33765c6b85 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -43,6 +43,11 @@ requests: words: - "http" + - type: word + part: interactsh_request + words: + - "User-Agent: curl" + - type: status status: - 200 From c532a200dfe9ad0dd05ab7aed1c39053fdb8cb41 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 31 Mar 2023 13:16:12 +0530 Subject: [PATCH 2/2] updated matcher --- cves/2022/CVE-2022-46169.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index 33765c6b85..81c703891a 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -1,7 +1,7 @@ id: CVE-2022-46169 info: - name: Cacti <= 1.2.22 Unauthenticated Command Injection + name: Cacti <= 1.2.22 - Unauthenticated Command Injection author: Hardik-Solanki severity: critical description: | @@ -19,7 +19,10 @@ info: metadata: shodan-query: title:"Login to Cacti" verified: "true" - tags: cve2022,cve,auth-bypass,cacti,kev + tags: cve2022,cve,auth-bypass,cacti,kev,rce,unauth + +variables: + useragent: '{{rand_base(6)}}' requests: - raw: @@ -46,7 +49,7 @@ requests: - type: word part: interactsh_request words: - - "User-Agent: curl" + - "User-Agent: {{useragent}}" - type: status status:
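Review bot: The new `interactsh_request` word matcher only tightens the result if this request's `matchers-condition` is `and`, and that key is outside the hunk. With nuclei's default `or`, a callback whose request merely contains `User-Agent: curl` would produce a finding on its own. The matcher also has no comment saying why the User-Agent is checked; I would add `# Tie the callback to the request made by the target, not to a resolver or link scanner` above `- type: word`. The matchers list starts and ends outside the hunk.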
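Review bot: `useragent` is defined in the `@@ -19,7 +19,10 @@` hunk and required by the matcher in the `@@ -46,7 +49,7 @@` hunk, but nothing in this patch wires it into the raw request. The diffstat's 6 insertions and 3 deletions are fully accounted for by the three visible hunks, so the request was not changed here. Unless the request outside these hunks already sends `{{useragent}}` as the callback's User-Agent, the `interactsh_request` matcher can never be satisfied and vulnerable hosts would be reported as clean. Please confirm the request carries the variable, and add a comment above `variables:` such as `# Random per-run marker expected in the callback's User-Agent`. The request body lies outside the hunks.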