daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2021-40859.yaml

patch-1
Prince Chaddha 2021-12-30 12:15:02 +05:30 committed by GitHub
parent a0bdd14786
commit f3deec4325
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2021/CVE-2021-40859.yaml
View File

@ -1,20 +1,20 @@
id: CVE-2021-40859
info:
name: CVE-2021-40859
name: Auerswald COMpact 5500R 7.8A and 8.0B devices Backdoor
author: pussycat0x
severity: critical
description: unauthenticated endpoint ("https://192.168.1[.]2/about_state"), enabling the bad actor to gain access to a web interface that allows for resetting the administrator password.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2021-40859
- https://thehackernews.com/2021/12/secret-backdoors-found-in-german-made.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-40859
metadata:
fofa-dork: '"auerswald"'
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80
cve-id: CVE-2021-40859
tags: cve,cve2021,iot,unauth,voip
tags: cve,cve2021,iot,unauth,voip,auerswald
requests:
- method: GET
@ -37,4 +37,4 @@ requests:
- type: status
status:
- 200
- 200