From cee029a599fc181a9226cefe81abada05a80450f Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Sat, 10 Aug 2024 08:49:05 +0530 Subject: [PATCH] Update CVE-2024-7339.yaml --- CVE-2024-7339.yaml | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/CVE-2024-7339.yaml b/CVE-2024-7339.yaml index 0148b55ec3..c67b2efaf4 100644 --- a/CVE-2024-7339.yaml +++ b/CVE-2024-7339.yaml @@ -1,7 +1,7 @@ id: CVE-2024-7339 info: - name: Sensitive Device Information Disclosure in TVT DVR + name: TVT DVR Sensitive Device Information - Disclosure author: Stuxctf severity: medium description: | @@ -23,27 +23,24 @@ info: cwe-id: CWE-200 epss-score: 0.00045 epss-percentile: 0.15505 + tags: cve,cve2024,dvr,tvt http: - raw: - | POST /queryDevInfo HTTP/1.1 Host: {{Hostname}} - Accept-Language: en-US,en;q=0.9 - Accept-Encoding: gzip, deflate - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Upgrade-Insecure-Requests: 1 - Connection: keep-alive - User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS like Mac OS X) AppleWebKit (KHTML, like Gecko) Version Mobile Safari - Content-Length: 103 + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word words: - "softwareVersion" - - "eth0" \ No newline at end of file + - "eth0" + condition: and + + - type: status + status: + - 200