daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated matcher

patch-1
Ritik Chaddha 2023-08-02 13:47:13 +05:30 committed by GitHub
parent 5c66e70568
commit 580c51dbc2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
http/cves/2023/CVE-2023-1698.yaml
View File

@ -1,11 +1,11 @@
id: CVE-2023-1698
info:
name: WAGO - Unauthenticated Remote Command Execution
name: WAGO - Remote Command Execution
author: xianke
severity: high
description: |
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.
In multiple products of WAGO, a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behavior, Denial of Service, and full system compromise.
reference:
- https://onekey.com/blog/security-advisory-wago-unauthenticated-remote-command-execution/
- https://nvd.nist.gov/vuln/detail/CVE-2023-1698
@ -16,8 +16,8 @@ info:
cwe-id: CWE-78
metadata:
max-request: 1
shodan-query: html:"WAGO"
tags: cve,cve2023,wago,rce,unauth
shodan-query: html:"/wbm/" html:"wago"
tags: cve,cve2023,wago,rce
http:
- raw:
@ -34,8 +34,9 @@ http:
part: body
words:
- '"license":'
- '"package":'
- 'uid'
- '"name":'
- 'uid='
- 'gid='
condition: and
- type: status