daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

minor-update

patch-12
Dhiyaneshwaran 2024-09-30 12:59:24 +05:30 committed by GitHub
parent 0b20e94de8
commit af3bfeb450
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
http/cves/2024/CVE-2024-46627.yaml
View File

@ -11,8 +11,11 @@ info:
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2024-46627
- https://daly.wtf/cve-2024-46627-incorrect-access-control-in-becn-datagerry-v2-2-allows-attackers-to-execute-arbitrary-commands-via-crafted-web-requests/
- https://datagerry.com/
- https://github.com/DATAGerry/
- https://github.com/d4lyw/CVE-2024-46627
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
cvss-score: 9.1
cve-id: CVE-2024-46627
cwe-id: CWE-284
@ -23,9 +26,8 @@ info:
max-request: 1
vendor: becon
product: datagerry
shodan-query:
- http.title:"datagerry"
tags: cve2024,cve,becon,datagerry,unauth,auth-bypass
shodan-query: http.title:"datagerry"
tags: cve,cve2024,becon,datagerry,unauth,auth-bypass
http:
- method: GET
@ -34,11 +36,6 @@ http:
matchers-condition: and
matchers:
- type: word
part: header
words:
- "application/json"
- type: word
part: body
words:
@ -46,3 +43,8 @@ http:
- '"model":'
- '"time":'
condition: and
- type: word
part: content_type
words:
- "application/json"