From d909ff8f5624dfe2c3dc810007f1ecea44eafb7c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 17 Aug 2022 16:45:20 +0530 Subject: [PATCH] Update CVE-2020-12478.yaml --- cves/2020/CVE-2020-12478.yaml | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/cves/2020/CVE-2020-12478.yaml b/cves/2020/CVE-2020-12478.yaml index b1da4b756f..604ec47cf0 100644 --- a/cves/2020/CVE-2020-12478.yaml +++ b/cves/2020/CVE-2020-12478.yaml @@ -1,34 +1,35 @@ id: CVE-2020-12478 info: - name: TeamPass 2.1.27.36 - Unauthenticated File Access + name: TeamPass 2.1.27.36 - Unauthenticated Access author: arafatansari severity: high description: | TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files. reference: - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CVE-2020-12478 - https://github.com/nilsteampassnet/TeamPass/issues/2764 + - https://nvd.nist.gov/vuln/detail/CVE-2020-12478 + classification: + cve-id: CVE-2020-12478 metadata: + verified: true shodan-query: http.html:"teampass" - verified: "true" - tags: file,cve,2020 + tags: cve,cve2020,teampass,exposure requests: - - raw: - - | - GET /files/ldap.debug.txt HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/files/ldap.debug.txt" matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - 'Get all LDAP params' - 'type' - 'account_suffix' condition: and + + - type: status + status: + - 200
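Review bot: The only probe in the new `requests` block is `{{BaseURL}}/files/ldap.debug.txt`, while the description says the exposure also covers backups in the web root, so a non-match does not show that an instance is unaffected; that file presumably exists only where LDAP debugging was switched on. I would state this in the description, for example `This template only checks files/ldap.debug.txt; a negative result does not rule out other exposed files.` In the word matcher, `'type'` adds almost nothing to the `and` condition next to `'Get all LDAP params'` and `'account_suffix'`, and an explicit `part: body` would make the intent clear. The new `classification` block carries only `cve-id`; adding `cvss-metrics`, `cvss-score` and `cwe-id` from the NVD entry already linked under `reference`, plus a `remediation` line, would help with triage.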