From 54321248201312a20afee69ad5c9f0065cc60f7e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 20 Jun 2022 21:37:02 +0530 Subject: [PATCH] Update CVE-2017-5521.yaml --- cves/2017/CVE-2017-5521.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/cves/2017/CVE-2017-5521.yaml b/cves/2017/CVE-2017-5521.yaml index 05ff4aca94..1ec3a1db53 100644 --- a/cves/2017/CVE-2017-5521.yaml +++ b/cves/2017/CVE-2017-5521.yaml @@ -4,19 +4,20 @@ info: name: NETGEAR Routers - Authentication Bypass author: princechaddha severity: high - description: NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server. + description: | + NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server. reference: - - https://www.cvedetails.com/cve/CVE-2017-5521/ - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/ - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability - http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/ - https://nvd.nist.gov/vuln/detail/CVE-2017-5521 + - https://www.cvedetails.com/cve/CVE-2017-5521/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2017-5521 cwe-id: CWE-200 - tags: cve,cve2017,auth-bypass,netgear + tags: cve,cve2017,auth-bypass,netgear,router requests: - method: GET @@ -26,11 +27,12 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "right\">Router\\s*Admin\\s*Username<" - "right\">Router\\s*Admin\\s*Password<" condition: and - part: body + - type: status status: - 200