From 5e00af02b50e7820c2fefcad83587637f4a4c8cc Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 17 May 2022 11:56:58 +0530
Subject: [PATCH] Update CVE-2019-17506.yaml

---
 cves/2019/CVE-2019-17506.yaml | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/cves/2019/CVE-2019-17506.yaml b/cves/2019/CVE-2019-17506.yaml
index 4363f02d05..0266aa2ecc 100644
--- a/cves/2019/CVE-2019-17506.yaml
+++ b/cves/2019/CVE-2019-17506.yaml
@@ -4,16 +4,17 @@ info:
   name: D-Link DIR-868L/817LW - Information Disclosure
   author: pikpikcu
   severity: critical
-  description: D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers are vulnerable to information disclosure vulnerabilities because certain web interfaces do not require authentication. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
+  description: |
+    D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers are vulnerable to information disclosure vulnerabilities because certain web interfaces do not require authentication. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
   reference:
     - https://github.com/dahua966/Routers-vuls/blob/master/DIR-868/name%26passwd.py
-     - https://nvd.nist.gov/vuln/detail/CVE-2019-17506
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-17506
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-17506
     cwe-id: CWE-306
-  tags: cve,cve2019,dlink,router
+  tags: cve,cve2019,dlink,router,disclosure
 
 requests:
   - method: POST
@@ -27,14 +28,14 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
       - type: word
+        part: body
         words:
           - "</password>"
           - "DEVICE.ACCOUNT"
-        part: body
         condition: and
 
+      - type: status
+        status:
+          - 200
 # Enhanced by mp on 2022/05/16