From d743fb7969ea95d414cf46ebf676d984f31011eb Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Sun, 6 Mar 2022 12:04:24 -0500
Subject: [PATCH] Enhancement: cves/2021/CVE-2021-41291.yaml by mp
---
 cves/2021/CVE-2021-41291.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/cves/2021/CVE-2021-41291.yaml b/cves/2021/CVE-2021-41291.yaml
index b093e562b9..1b052e2df4 100644
--- a/cves/2021/CVE-2021-41291.yaml
+++ b/cves/2021/CVE-2021-41291.yaml
@@ -4,8 +4,9 @@ info:
 name: ECOA Building Automation System - Directory Traversal Content Disclosure
 author: gy741
 severity: high
- description: The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
+ description: The ECOA BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
 reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-41291
 - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5670.php
 - https://www.twcert.org.tw/en/cp-139-5140-6343c-2.html
 tags: cve,cve2021,ecoa,lfi,traversal
@@ -25,3 +26,5 @@ requests:
 - type: regex
 regex:
 - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/03/06
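Review bot: The rewritten `description` in the first hunk still says attackers can "disclose directory content", while the only matcher visible in the second hunk, `root:.*:0:0:`, is evidence of a passwd-style file being returned, not of a directory listing. The request and the start of the matchers block lie outside both hunks, so this is inferred from the regex alone. If the template does confirm a file read, the description should state what a match proves, so that whoever triages a finding scopes the exposure correctly, for example by changing the last clause to `attackers can disclose directory and file content on the affected device.` The sentence also ends without a period, which that wording fixes.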