From 6cee1b17f30c1bc0d76fe852404042a570a6e43c Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Wed, 3 Jul 2024 17:23:43 +0530
Subject: [PATCH] Update and rename
 sharp-multi-function-printers-local-file-disclosure.yaml to
 sharp-printers-lfi.yaml

---
 ...al-file-disclosure.yaml => sharp-printers-lfi.yaml} | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
 rename http/vulnerabilities/other/{sharp-multi-function-printers-local-file-disclosure.yaml => sharp-printers-lfi.yaml} (81%)

diff --git a/http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml b/http/vulnerabilities/other/sharp-printers-lfi.yaml
similarity index 81%
rename from http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml
rename to http/vulnerabilities/other/sharp-printers-lfi.yaml
index 94a6c69194..ca035a94e7 100644
--- a/http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml
+++ b/http/vulnerabilities/other/sharp-printers-lfi.yaml
@@ -1,4 +1,4 @@
-id: sharp-multi-function-printers-local-file-disclosure
+id: sharp-printers-lfi
 
 info:
   name: Sharp Multifunction Printers - Local File Inclusion
@@ -6,7 +6,8 @@ info:
   severity: high
   description: |
     It was observed that Sharp printers are vulnerable to a local file inclusion without authentication. Any attacker can read any file located in the printer.
-  remediation: Apply all relevant security patches and product upgrades.
+  remediation: |
+    Apply all relevant security patches and product upgrades.
   reference:
     - https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html#pre-auth-lfi
     - https://jvn.jp/en/vu/JVNVU93051062/index.html
@@ -29,6 +30,11 @@ http:
         regex:
           - "root:.*:0:0:"
 
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream; name=passwd"
+
       - type: status
         status:
           - 200