Enhancement: cves/2018/CVE-2018-15745.yaml by mp

2022-06-13 14:41:33 -04:00 · 2022-06-13 14:41:33 -04:00 · 6663037f07
parent f843bbd353
commit 6663037f07
1 changed files with 5 additions and 2 deletions
--- a/cves/2018/CVE-2018-15745.yaml
+++ b/cves/2018/CVE-2018-15745.yaml
@ -1,14 +1,15 @@
 id: CVE-2018-15745

 info:
-  name: Argus Surveillance DVR - Directory Traversal
+  name: Argus Surveillance DVR 4.0.0.0 - Local File Inclusion
  author: gy741
  severity: high
-  description: Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
+  description: Argus Surveillance DVR 4.0.0.0 devices allow unauthenticated local file inclusion, leading to file disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
  reference:
    - http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-PATH-TRAVERSAL-FILE-DISCLOSURE.txt
    - http://packetstormsecurity.com/files/149134/Argus-Surveillance-DVR-4.0.0.0-Directory-Traversal.html
    - https://www.exploit-db.com/exploits/45296/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-15745
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
@ -33,3 +34,5 @@ requests:
          - "for 16-bit app support"
          - "[drivers]"
        condition: and
+
+# Enhanced by mp on 2022/06/13