From b2915ffe80968fc8e599b82ae8219e804d10c0d0 Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Thu, 22 Dec 2022 23:50:45 +0530
Subject: [PATCH 1/3] minor-update

---
 cves/2020/CVE-2020-11547.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml
index eac278a7a9..dc8bc84b7d 100644
--- a/cves/2020/CVE-2020-11547.yaml
+++ b/cves/2020/CVE-2020-11547.yaml
@@ -5,6 +5,9 @@ info:
   author: x6263
   severity: medium
   description: PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself via an HTTP request.
+  metadata:
+    verified: true
+    shodan-query: title:"prtg"
   reference:
     - https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11547
@@ -21,6 +24,7 @@ requests:
     path:
       - "{{BaseURL}}/public/login.htm?type=probes"
       - "{{BaseURL}}/public/login.htm?type=requests"
+      - "{{BaseURL}}/public/login.htm?type=treestat"
 
     req-condition: true
     matchers-condition: and
@@ -33,6 +37,9 @@ requests:
         part: body
         words:
           - "prtg_network_monitor"
+          - "Probes"
+          - "Groups"
+        condition: or  
 
       - type: status
         status:

From c0080f72f2ebec70145e56c1178556de194a010d Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Thu, 22 Dec 2022 23:52:47 +0530
Subject: [PATCH 2/3] Update CVE-2020-11547.yaml

---
 cves/2020/CVE-2020-11547.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml
index dc8bc84b7d..28c961b4b5 100644
--- a/cves/2020/CVE-2020-11547.yaml
+++ b/cves/2020/CVE-2020-11547.yaml
@@ -39,7 +39,7 @@ requests:
           - "prtg_network_monitor"
           - "Probes"
           - "Groups"
-        condition: or  
+        condition: or
 
       - type: status
         status:

From 2b346539b9a0d94c723c5627202d847778593263 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Fri, 23 Dec 2022 15:12:30 +0530
Subject: [PATCH 3/3] added-stop-first-match

---
 cves/2020/CVE-2020-11547.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml
index 28c961b4b5..428b26219d 100644
--- a/cves/2020/CVE-2020-11547.yaml
+++ b/cves/2020/CVE-2020-11547.yaml
@@ -26,6 +26,7 @@ requests:
       - "{{BaseURL}}/public/login.htm?type=requests"
       - "{{BaseURL}}/public/login.htm?type=treestat"
 
+    stop-at-first-match: true
     req-condition: true
     matchers-condition: and
     matchers: