Update and rename vulnerabilities/other/eyesofnetwork-detect.yaml to cves/2020/CVE-2020-8654.yaml

cves/2020/CVE-2020-8654.yaml

@@ -1,29 +1,41 @@
-id: eyesofnetwork-detect
+id: CVE-2020-8654
 
 info:
-  name: EyesOfNetwork Vulnerable Version Detect
+  name: EyesOfNetwork 5.3 - Authenticated RCE
   author: praetorian-thendrickson
   severity: high
   description: EyesOfNetwork version 5.1-5.3 is vulnerable to multiple exploits. Version 5.3 is vulnerable to CVE-2020-8654 (authenticated rce), CVE-2020-8655 (privesc), CVE-2020-8656 (SQLi - API version before 2.4.2), and 2020-8657 (hardcoded api key). Versions 5.1-5.3 are vulnerable to CVE-2020-9465 (SQLi).
-  tags: tech,cisa
+  reference:
-  reference: 
     - https://github.com/h4knet/eonrce
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetwork_autodiscovery_rce.rb
     - https://nvd.nist.gov/vuln/detail/CVE-2020-8657
+  tags: cve,cve2020,cisa,eyesofnetwork,rce,authenticated
+
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/css/eonweb.css"
+
+    extractors:
+      - type: regex
+        name: version
+        internal: true
+        part: body
+        group: 1
+        regex:
+          - '# VERSION : ([0-9.]+)'
+
     matchers-condition: and
     matchers:
-      - type: regex
+      - type: dsl
-        part: body
+        dsl:
-        regex:
+          - compare_versions(version, '< 5.4', '>= 5.1')
-          - "VERSION : 5.[1-3]"
+
       - type: word
         part: body
         words:
-          -  "EyesOfNetwork"
+          - "EyesOfNetwork"
+
       - type: status
         status:
           - 200