Create CVE-2024-33605.yaml

It was observed that Sharp printers are vulnerable to an arbitrary directory listing without authentication. Any attacker can list any directory located in the printer and recover any file.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

http/cves/2024/CVE-2024-33605.yaml

@@ -0,0 +1,46 @@
+id: CVE-2024-33605
+
+info:
+  name: Sharp Multifunction Printers - Arbitrary Directory Listing without authentication
+  author: gy741
+  severity: high
+  description: |
+    It was observed that Sharp printers are vulnerable to an arbitrary directory listing without authentication. Any attacker can list any directory located in the printer and recover any file.
+  remediation: Apply all relevant security patches and product upgrades.
+  reference:
+    - https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html#pre-auth-arbitrary-directory-listing
+    - https://jvn.jp/en/vu/JVNVU93051062/index.html
+    - https://global.sharp/products/copier/info/info_security_2024-05.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2024-33605
+    cwe-id: CWE-22
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: "Set-Cookie: MFPSESSIONID="
+  tags: cve,cve2024,sharp,printer,traversal
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/installed_emanual_list.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'ServiceEmanualList'
+          - '/installed_emanual_down.html'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "Set-Cookie: MFPSESSIONID="
+
+      - type: status
+        status:
+          - 200