Qualcomm 4G LTE WiFi VoIP-Router (#3555)

* Add files via upload * Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖 * Update CVE-2021-44528.yaml * Update CVE-2021-45232.yaml * Add files via upload * removing duplicate template * moving template around * template fix Co-authored-by: GitHub Action <action@github.com> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:33:34 +05:30 · 2022-01-19 13:33:34 +05:30 · 650a38ffde
parent 0e8b34f776
commit 650a38ffde
2 changed files with 27 additions and 1 deletions
--- a/cves/2021/CVE-2021-44528.yaml
+++ b/cves/2021/CVE-2021-44528.yaml
@ -7,12 +7,13 @@ info:
  description: Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
  reference:
    - https://seclists.org/oss-sec/2021/q4/att-160/7-0-host-authorzation-open-redirect.patch
-  tags: cve,cve2021,redirect
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44528
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.10
    cve-id: CVE-2021-44528
    cwe-id: CWE-601
+  tags: cve,cve2021,redirect

 requests:
  - raw:
--- a/exposed-panels/qualcomm-voip-router.yaml
+++ b/exposed-panels/qualcomm-voip-router.yaml
@ -0,0 +1,25 @@
+id: qualcomm-voip-router
+
+info:
+  name: Qualcomm 4G LTE WiFi VoIP-Router
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-dork: 'app="Qualcomm-4G-LTE-WiFi-VoIP-Router"'
+  tags: panel,qualcomm,iot,router,voip
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>4G LTE WiFi VoIP Router</title>'
+
+      - type: status
+        status:
+          - 200