daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update and rename sharp-multi-function-printers-local-file-disclosure.yaml to sharp-printers-lfi.yaml

patch-4
Ritik Chaddha 2024-07-03 17:23:43 +05:30 committed by GitHub
parent 2dd8e53621
commit 6cee1b17f3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml → http/vulnerabilities/other/sharp-printers-lfi.yaml
View File

@ -1,4 +1,4 @@
id: sharp-multi-function-printers-local-file-disclosure
id: sharp-printers-lfi
info:
name: Sharp Multifunction Printers - Local File Inclusion
@ -6,7 +6,8 @@ info:
severity: high
description: |
It was observed that Sharp printers are vulnerable to a local file inclusion without authentication. Any attacker can read any file located in the printer.
remediation: Apply all relevant security patches and product upgrades.
remediation: |
Apply all relevant security patches and product upgrades.
reference:
- https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html#pre-auth-lfi
- https://jvn.jp/en/vu/JVNVU93051062/index.html
@ -29,6 +30,11 @@ http:
regex:
- "root:.*:0:0:"
- type: word
part: header
words:
- "application/octet-stream; name=passwd"
- type: status
status:
- 200