diff --git a/plugins/adobe/experience_manager/CVE-2019-16469.yaml b/plugins/adobe/experience_manager/CVE-2019-16469.yaml index d839afb9d..1cd108df8 100644 --- a/plugins/adobe/experience_manager/CVE-2019-16469.yaml +++ b/plugins/adobe/experience_manager/CVE-2019-16469.yaml @@ -57,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d972b038916bdc77cbe8379f0314d9c50aec09fae1af11cf1473e110aa202a9f0221009cc28086f81a74c38f7735bcf938ba235f8eae6752ef13ca580bf1ec7d45c2fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022067414d85519e0e965d2532eaf2a74acb119fd7e3bd2204945a36e62196dafdca022100ac164013eeb1f2bf9401b5bc764e6c7dc46ea05844b59551e0cf7b0e58342b65:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/plugins/apache/solr/CVE-2024-45216.yaml b/plugins/apache/solr/CVE-2024-45216.yaml index bedc099f3..00f6dc12d 100644 --- a/plugins/apache/solr/CVE-2024-45216.yaml +++ b/plugins/apache/solr/CVE-2024-45216.yaml @@ -51,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220672a2f3e28b4efc73aa421475fb7345136d64d355af9a750cb5376786c04a94e022100bb379fd032dfd923f37d2d3fa360c7802bc11d41adac29d5e28141f469508ffb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203752cdc2e8eb19750fcfd97b792a58b75035f54916281e23e218b1d2a7c073a5022100a5c1cf1743f1d761cbf2311bca6e3f5b5cadf0ec60080197554a066130bdc2f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/plugins/issabel/issabel-pbx/CVE-2023-37599.yaml b/plugins/issabel/issabel-pbx/CVE-2023-37599.yaml new file mode 100644 index 000000000..182e03066 --- /dev/null +++ b/plugins/issabel/issabel-pbx/CVE-2023-37599.yaml @@ -0,0 +1,43 @@ +id: CVE-2023-37599 + +info: + name: Issabel PBX 4.0.0-6 - Directory Listing + author: ritikchaddha + severity: high + description: | + An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory + impact: | + Exploiting this vulnerability could lead to unauthorized access to sensitive directories and files, compromising the confidentiality of the system. + remediation: | + It is recommended to update to a patched version of issabel-pbx or apply necessary configuration changes to prevent directory listing. + reference: + - https://github.com/sahiloj/CVE-2023-37599 + - https://nvd.nist.gov/vuln/detail/CVE-2023-37599 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2023-37599 + cwe-id: CWE-668 + cpe: cpe:2.3:a:issabel:issabel-pbx:4.0.0-6:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: issabel + product: issabel-pbx + shodan-query: title:"issabel" + fofa-query: title="issabel" + tags: cve,cve2023,issabel,issabel-pbx,directory-listing + +http: + - method: GET + path: + - '{{BaseURL}}/modules/' + + matchers: + - type: dsl + dsl: + - 'contains(body, "Index of /modules")' + - 'contains_any(body, "issabel", "asterisk_", "billing_")' + - 'status_code == 200' + condition: and +# digest: 4a0a0047304502206fc8d47001d1488b40130093787a06b623b025a8f4656d63da7b850429bcaf27022100bd3494c15a1b2f5dc5c7a4f111c59fc8cf97c36573b9c52dc5dd4d390bed7fea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/web-fingerprint/issabel/issabel-pbx.yaml b/web-fingerprint/issabel/issabel-pbx.yaml new file mode 100644 index 000000000..6c003be34 --- /dev/null +++ b/web-fingerprint/issabel/issabel-pbx.yaml @@ -0,0 +1,22 @@ +id: issabel-pbx +info: + name: issabel-pbx + author: cn-kali-team + tags: detect,tech,issabel-pbx + severity: info + metadata: + fofa-query: + - title="issabel" + product: issabel-pbx + shodan-query: + - title:"issabel" + vendor: issabel + verified: true +http: +- method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: regex + regex: + - (?mi)]*>issabel.*?