From 6976117e9ff354dd56efa337d8263e961f7a06a4 Mon Sep 17 00:00:00 2001
From: zinduolis
Date: Tue, 29 Oct 2024 20:20:00 +1000
Subject: [PATCH] Improve security of browser version matching regex
---
 core/filters/browser.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/filters/browser.rb b/core/filters/browser.rb
index dfc1e04e4..9c38e4e1a 100644
--- a/core/filters/browser.rb
+++ b/core/filters/browser.rb
@@ -46,7 +46,7 @@ module BeEF
 return false if has_non_printable_char?(str)
 return true if str.eql? 'UNKNOWN'
 return true if str.eql? 'ALL'
- return false if !nums_only?(str) and !str.match(/\A\d+(\.\d+)+\z/)
+ return false if !nums_only?(str) and !str.match(/\A(0|[1-9][0-9]{0,3})(\.(0|[1-9][0-9]{0,2})){0,3}\z/)
 return false if str.length > 20
 true
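Review bot: The stricter pattern on the added line is only consulted when `nums_only?(str)` is false, because the guard is `!nums_only?(str) and !str.match(...)`; anything that helper accepts never meets the new limits. `nums_only?` is defined outside this hunk, but if it accepts any all-digit string, a value with leading zeros or more than four digits still returns true as long as it is 20 characters or fewer. Since the new pattern already accepts a bare major version (`{0,3}` permits zero dotted groups), the helper test looks redundant, and the guard could be reduced to `return false unless str.match?(/\A(0|[1-9][0-9]{0,3})(\.(0|[1-9][0-9]{0,2})){0,3}\z/)` if long digit-only values are not needed. A one-line comment above it stating the accepted shape (up to four components, major 0–9999, others 0–999) would make the limits reviewable; the enclosing method starts and ends outside the hunk.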