Auto Generated CVE annotations [Thu Jan 5 11:21:19 UTC 2023] 🤖

2023-01-05 11:21:19 +00:00 · 2023-01-05 11:21:19 +00:00 · 997d941552
parent 6cc929e2c3
commit 997d941552
24 changed files with 84 additions and 33 deletions
--- a/cves/2020/CVE-2020-11110.yaml
+++ b/cves/2020/CVE-2020-11110.yaml
@ -19,7 +19,7 @@ info:
    cwe-id: CWE-79
  metadata:
    shodan-query: title:"Grafana"
-  tags: cve,cve2020,xss,grafana
+  tags: grafana,hackerone,cve,cve2020,xss

 requests:
  - raw:
--- a/cves/2020/CVE-2020-35476.yaml
+++ b/cves/2020/CVE-2020-35476.yaml
@ -18,7 +18,7 @@ info:
  metadata:
    verified: true
    shodan-query: html:"OpenTSDB"
-  tags: cve,cve2020,opentsdb,rce
+  tags: cve,cve2020,opentsdb,rce,packetstorm

 requests:
  - method: GET
--- a/cves/2021/CVE-2021-24946.yaml
+++ b/cves/2021/CVE-2021-24946.yaml
@ -11,10 +11,13 @@ info:
    - https://wordpress.org/plugins/modern-events-calendar-lite/
    - https://nvd.nist.gov/vuln/detail/CVE-2021-24946
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2021-24946
+    cwe-id: CWE-89
  metadata:
    verified: "true"
-  tags: cve,cve2021,wordpress,wp-plugin,wp,sqli,modern-events-calendar-lite,unauth
+  tags: wordpress,wp-plugin,wp,unauth,wpscan,cve,cve2021,sqli,modern-events-calendar-lite

 requests:
  - raw:
--- a/cves/2021/CVE-2021-25099.yaml
+++ b/cves/2021/CVE-2021-25099.yaml
@ -11,10 +11,13 @@ info:
    - https://wordpress.org/plugins/give/
    - https://nvd.nist.gov/vuln/detail/CVE-2021-25099
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
    cve-id: CVE-2021-25099
+    cwe-id: CWE-79
  metadata:
-    verified: true
-  tags: cve,cve2021,wordpress,wp-plugin,wp,xss,give,unauth
+    verified: "true"
+  tags: wp-plugin,wp,give,unauth,wordpress,cve2021,xss,wpscan,cve

 requests:
  - raw:
--- a/cves/2021/CVE-2021-30128.yaml
+++ b/cves/2021/CVE-2021-30128.yaml
@ -8,11 +8,16 @@ info:
  reference:
    - https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E
    - https://nvd.nist.gov/vuln/detail/CVE-2021-30128
+    - https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E
+    - https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cdev.ofbiz.apache.org%3E
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2021-30128
+    cwe-id: CWE-502
  metadata:
-    verified: true
    fofa-query: app="Apache_OFBiz"
+    verified: "true"
  tags: cve,cve2021,apache,ofbiz,deserialization,rce

 requests:
--- a/cves/2021/CVE-2021-41773.yaml
+++ b/cves/2021/CVE-2021-41773.yaml
@ -19,8 +19,8 @@ info:
    cve-id: CVE-2021-41773
    cwe-id: CWE-22
  metadata:
-    verified: "true"
    shodan-query: Apache 2.4.49
+    verified: "true"
  tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev

 variables:
--- a/cves/2021/CVE-2021-42887.yaml
+++ b/cves/2021/CVE-2021-42887.yaml
@ -10,7 +10,7 @@ info:
    - https://nvd.nist.gov/vuln/detail/cve-2021-42887
    - https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_login_bypass.md
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-42887
    cwe-id: CWE-287
--- a/cves/2022/CVE-2022-0784.yaml
+++ b/cves/2022/CVE-2022-0784.yaml
@ -11,10 +11,13 @@ info:
    - https://wordpress.org/plugins/wp-experiments-free/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-0784
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-0784
+    cwe-id: CWE-89
  metadata:
    verified: "true"
-  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-experiments-free,unauth
+  tags: cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,cve2022,wordpress

 requests:
  - raw:
--- a/cves/2022/CVE-2022-0786.yaml
+++ b/cves/2022/CVE-2022-0786.yaml
@ -11,10 +11,13 @@ info:
    - https://wordpress.org/plugins/kivicare-clinic-management-system/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-0786
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-0786
+    cwe-id: CWE-89
  metadata:
    verified: "true"
-  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth
+  tags: sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,cve,cve2022,wpscan

 requests:
  - raw:
--- a/cves/2022/CVE-2022-1595.yaml
+++ b/cves/2022/CVE-2022-1595.yaml
@ -11,10 +11,13 @@ info:
    - https://wordpress.org/plugins/hc-custom-wp-admin-url/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-1595
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
    cve-id: CVE-2022-1595
+    cwe-id: CWE-200
  metadata:
    verified: "true"
-  tags: cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth
+  tags: unauth,wpscan,cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url

 requests:
  - raw:
--- a/cves/2022/CVE-2022-2314.yaml
+++ b/cves/2022/CVE-2022-2314.yaml
@ -11,10 +11,12 @@ info:
    - https://wordpress.org/plugins/vr-calendar-sync/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-2314
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-2314
  metadata:
-    verified: true
-  tags: cve,cve2022,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth
+    verified: "true"
+  tags: rce,unauth,wpscan,cve,cve2022,wp,vr-calendar-sync,wordpress,wp-plugin

 requests:
  - raw:
--- a/cves/2022/CVE-2022-23854.yaml
+++ b/cves/2022/CVE-2022-23854.yaml
@ -12,7 +12,10 @@ info:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854
    - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cve-id: CVE-2022-23854
+    cwe-id: CWE-23
  metadata:
    shodan-query: http.html:"InTouch Access Anywhere"
    verified: "true"
--- a/cves/2022/CVE-2022-24816.yaml
+++ b/cves/2022/CVE-2022-24816.yaml
@ -9,12 +9,17 @@ info:
  reference:
    - https://www.synacktiv.com/en/publications/exploiting-cve-2022-24816-a-code-injection-in-the-jt-jiffle-extension-of-geoserver.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-24816
+    - https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx
+    - https://github.com/geosolutions-it/jai-ext/commit/cb1d6565d38954676b0a366da4f965fef38da1cb
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-24816
+    cwe-id: CWE-94
  metadata:
-    verified: true
-    shodan-query: /geoserver/
    fofa-query: app="GeoServer"
+    shodan-query: /geoserver/
+    verified: "true"
  tags: cve,cve2022,geoserver,rce

 requests:
--- a/cves/2022/CVE-2022-33891.yaml
+++ b/cves/2022/CVE-2022-33891.yaml
@ -8,9 +8,16 @@ info:
  reference:
    - https://github.com/W01fh4cker/cve-2022-33891
    - https://nvd.nist.gov/vuln/detail/CVE-2022-33891
+    - https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc
+    - http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2022-33891
+    cwe-id: CWE-77
  metadata:
-    verified: "true"
    shodan-query: title:"Spark Master at"
+    verified: "true"
  tags: cve,cve2022,apache,spark,authenticated

 variables:
--- a/cves/2022/CVE-2022-3768.yaml
+++ b/cves/2022/CVE-2022-3768.yaml
@ -6,12 +6,12 @@ info:
  severity: high
  description: |
    The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
-  remediation: Fixed in version 1.3.12
  reference:
    - https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768
    - https://nvd.nist.gov/vuln/detail/CVE-2022-3768
    - https://cve.report/CVE-2022-3768
+  remediation: Fixed in version 1.3.12
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
@ -19,7 +19,7 @@ info:
    cwe-id: CWE-89
  metadata:
    verified: "true"
-  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-smart-contracts,authenticated
+  tags: wp-smart-contracts,authenticated,cve,wordpress,wp,sqli,cve2022,wp-plugin,wpscan

 requests:
  - raw:
--- a/cves/2022/CVE-2022-4050.yaml
+++ b/cves/2022/CVE-2022-4050.yaml
@ -11,10 +11,13 @@ info:
    - https://wordpress.org/plugins/joomsport-sports-league-results-management/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-4050
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-4050
+    cwe-id: CWE-89
  metadata:
-    verified: true
-  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,joomsport-sports-league-results-management,unauth
+    verified: "true"
+  tags: wpscan,cve,cve2022,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth

 requests:
  - raw:
--- a/cves/2022/CVE-2022-4260.yaml
+++ b/cves/2022/CVE-2022-4260.yaml
@ -16,7 +16,7 @@ info:
    cwe-id: CWE-79
  metadata:
    verified: "true"
-  tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban,authenticated
+  tags: wp-plugin,xss,wp-ban,authenticated,wpscan,cve,cve2022,wordpress,wp

 requests:
  - raw:
--- a/cves/2022/CVE-2022-42746.yaml
+++ b/cves/2022/CVE-2022-42746.yaml
@ -9,14 +9,15 @@ info:
  reference:
    - https://fluidattacks.com/advisories/modestep/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-42746
+    - https://candidats.net/
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 5.4
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
    cve-id: CVE-2022-42746
-    cwe-id: CWE-80
+    cwe-id: CWE-79
  metadata:
-    verified: true
    shodan-query: http.html:"CandidATS"
+    verified: "true"
  tags: cve,cve2022,candidats,xss

 requests:
--- a/cves/2022/CVE-2022-45917.yaml
+++ b/cves/2022/CVE-2022-45917.yaml
@ -11,10 +11,15 @@ info:
    - https://seclists.org/fulldisclosure/2022/Dec/7
    - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/
    - https://github.com/advisories/GHSA-hf6q-rx44-fh6j
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-45917
+    cwe-id: CWE-601
  metadata:
-    verified: true
    shodan-query: http.html:"ILIAS"
-  tags: cve,cve2022,ilias,redirect
+    verified: "true"
+  tags: redirect,packetstorm,seclists,cve,cve2022,ilias

 requests:
  - method: GET
--- a/cves/2022/CVE-2022-46169.yaml
+++ b/cves/2022/CVE-2022-46169.yaml
@ -5,7 +5,7 @@ info:
  author: Hardik-Solanki
  severity: critical
  description: |
-     The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request  to the affected instance and execute arbitrary OS commands on the server.
+    The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request  to the affected instance and execute arbitrary OS commands on the server.
  reference:
    - https://security-tracker.debian.org/tracker/CVE-2022-46169
    - https://nvd.nist.gov/vuln/detail/CVE-2022-46169
@ -17,8 +17,8 @@ info:
    cve-id: CVE-2022-46169
    cwe-id: CWE-285
  metadata:
-    verified: "true"
    shodan-query: title:"Login to Cacti"
+    verified: "true"
  tags: cve2022,cve,auth-bypass,cacti

 requests:
--- a/cves/2022/CVE-2022-46381.yaml
+++ b/cves/2022/CVE-2022-46381.yaml
@ -9,9 +9,14 @@ info:
  reference:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381
    - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-46381
+    cwe-id: CWE-79
  metadata:
-    verified: "true"
    shodan-query: http.html:"Linear eMerge"
+    verified: "true"
  tags: cve,cve2022,xss,emerge,linear

 requests:
--- a/exposures/files/svn-wc-db.yaml
+++ b/exposures/files/svn-wc-db.yaml
@ -10,7 +10,7 @@ info:
  metadata:
    verified: true
    google-query: intitle:"index of" "wc.db"
-  tags: exposure,svn,config,files
+  tags: msf,exposure,svn,config,files

 requests:
  - method: GET
--- a/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml
+++ b/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml
@ -21,7 +21,7 @@ info:
    verified: true
    shodan-query: title:"VMware Appliance Management"
    fofa-query: title="VMware Appliance Management"
-  tags: vmware,xstream,rce
+  tags: vmware,xstream,rce,msf

 variables:
  lowerrstr: "{{to_lower(rand_text_alpha(6))}}"
--- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml
+++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml
@ -13,7 +13,7 @@ info:
  metadata:
    verified: "true"
    shodan-query: http.html:"VMG1312-B10D"
-  tags: misconfig,unauth,zyxel,lfi
+  tags: misconfig,unauth,zyxel,lfi,msf

 requests:
  - raw: