automatic module_metadata_base.json update

msjenkins-r7 · msjenkins-r7 · commit f26393256b06 · 2024-06-24T07:06:04.000-05:00
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -77459,6 +77459,68 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_linux/http/netis_unauth_rce_cve_2024_22729": {
+    "name": "Netis router MW5360 unauthenticated RCE.",
+    "fullname": "exploit/linux/http/netis_unauth_rce_cve_2024_22729",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-01-11",
+    "type": "exploit",
+    "author": [
+      "h00die-gr3y <h00die.gr3y@gmail.com>",
+      "Adhikara13"
+    ],
+    "description": "Netis router MW5360 has a command injection vulnerability via the password parameter on the login page.\n          The vulnerability stems from improper handling of the \"password\" parameter within the router's web interface.\n          The router's login page authorization can be bypassed by simply deleting the authorization header,\n          leading to the vulnerability. All router firmware versions up to `V1.0.1.3442` are vulnerable.\n          Attackers can inject a command in the 'password' parameter, encoded in base64, to exploit the command injection\n          vulnerability. When exploited, this can lead to unauthorized command execution, potentially allowing the attacker\n          to take control of the router.",
+    "references": [
+      "CVE-2024-22729",
+      "URL-https://attackerkb.com/topics/MvCphsf4LN/cve-2024-22729",
+      "URL-https://github.com/adhikara13/CVE/blob/main/netis_MW5360/blind%20command%20injection%20in%20password%20parameter%20in%20initial%20settings.md"
+    ],
+    "platform": "Linux",
+    "arch": "mipsle",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Linux Dropper"
+    ],
+    "mod_time": "2024-06-12 18:57:29 +0000",
+    "path": "/modules/exploits/linux/http/netis_unauth_rce_cve_2024_22729.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/netis_unauth_rce_cve_2024_22729",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": true
+  },
   "exploit_linux/http/netsweeper_webadmin_unixlogin": {
     "name": "Netsweeper WebAdmin unixlogin.php Python Code Injection",
     "fullname": "exploit/linux/http/netsweeper_webadmin_unixlogin",
