Orientdb 2.2.x RCE - Fix regular expression for version detection

Ricardo Almeida · Ricardo Almeida · commit 4845b4b1fa81 · 2017-07-26T14:35:05.000+01:00
diff --git a/modules/exploits/multi/http/orientdb_exec.rb b/modules/exploits/multi/http/orientdb_exec.rb
@@ -52,7 +52,7 @@ def check
     uri = target_uri
     uri.path = normalize_uri(uri.path)
     res = send_request_raw({'uri' => "#{uri.path}listDatabases"})
-    if res and res.code == 200 and res.headers['Server'] =~ /OrientDB Server v\.2\.2\.[2-9]|1[0-9]|2[0-2]/
+    if res and res.code == 200 and res.headers['Server'] =~ /OrientDB Server v\.2\.2\./
       print_good("Version: #{res.headers['Server']}")
       return Exploit::CheckCode::Vulnerable
     else
