Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

modified regex and added more request parameters #9967

Merged
merged 2 commits into from
Jun 4, 2024
Merged

modified regex and added more request parameters #9967

merged 2 commits into from
Jun 4, 2024

Conversation

SecDev0ps
Copy link

PR Information

  • Fixed CVE-2024-24919

Template Validation

I've validated this template locally?

  • [v] YES
  • [] NO

Additional Details (leave it blank if not applicable)

image

Additional References:

ehsandeep
ehsandeep reviewed Jun 3, 2024
View reviewed changes
http/cves/2024/CVE-2024-24919.yaml Outdated
tags: cve,cve2024,checkpoint,lfi

http:
- raw:
- |
POST /clients/MyCRL HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.2.7
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can remove hardcoded UA to generate random one at run time.

@DhiyaneshGeek DhiyaneshGeek self-assigned this Jun 4, 2024
@DhiyaneshGeek DhiyaneshGeek added the Done Ready to merge label Jun 4, 2024
@DhiyaneshGeek
Copy link
Member

Hi @Dev0psSec

i have made minor changes, let me know if it works

Thanks

@DhiyaneshGeek DhiyaneshGeek added the good first issue Good for newcomers label Jun 4, 2024
@SecDev0ps
Copy link
Author

yes, still working

@SecDev0ps
Copy link
Author

Happy to contribute. Thanks!

@DhiyaneshGeek
Copy link
Member

Hi @Dev0psSec , Thanks for the confirmation

You can grab some cool PD stickers over here http://nux.gg/stickers 😄 for contributing to the template project !

@DhiyaneshGeek DhiyaneshGeek merged commit 4c0cdd9 into projectdiscovery:main Jun 4, 2024
2 checks passed
@M3mby7e
Copy link

M3mby7e commented Jun 4, 2024

is there a possibility of RCE in it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep left review comments

@DhiyaneshGeek DhiyaneshGeek DhiyaneshGeek approved these changes

Assignees

@DhiyaneshGeek DhiyaneshGeek

Labels
Done Ready to merge good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@SecDev0ps @DhiyaneshGeek @M3mby7e @ehsandeep