From 95a30713a5343282d396c727ceb20c86e3bf10fb Mon Sep 17 00:00:00 2001
From: Miro <200482516+Mirochill@users.noreply.github.com>
Date: Mon, 25 May 2026 20:25:00 +0200
Subject: [PATCH] Preserve Shodan CVSS severity
---
 faraday_plugins/plugins/repo/shodan/plugin.py | 13 ++++++--
 tests/test_shodan.py | 32 +++++++++++++++++++
 2 files changed, 43 insertions(+), 2 deletions(-)
 create mode 100644 tests/test_shodan.py
diff --git a/faraday_plugins/plugins/repo/shodan/plugin.py b/faraday_plugins/plugins/repo/shodan/plugin.py
index 20ce218e..8342ef00 100644
--- a/faraday_plugins/plugins/repo/shodan/plugin.py
+++ b/faraday_plugins/plugins/repo/shodan/plugin.py
@@ -73,8 +73,17 @@ def parseOutputString(self, output):
 for name, vuln_info in vulns.items():
 description = vuln_info.get('summary')
 references = vuln_info.get('references')
- self.createAndAddVulnToService(h_id, s_id, name, desc=description, ref=references
- , cve=name)
+ cvss_score = vuln_info.get('cvss')
+ cvss2 = {}
+ severity = vuln_info.get('severity', '')
+ if cvss_score is not None:
+ cvss2['base_score'] = cvss_score
+ if not severity:
+ severity = get_severity_from_cvss(cvss_score)
+ self.createAndAddVulnToService(
+ h_id, s_id, name, desc=description, ref=references,
+ cve=name, severity=severity, cvss2=cvss2
+ )
 
 def processCommandString(self, username, current_path, command_string):
 """
diff --git a/tests/test_shodan.py b/tests/test_shodan.py
new file mode 100644
index 00000000..7dfb5c4b
--- /dev/null
+++ b/tests/test_shodan.py
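Review bot: `cvss_score` comes straight out of the Shodan JSON and is both stored as `cvss2['base_score']` and handed to `get_severity_from_cvss` with only a `None` check, so a non-numeric value in the feed (a string, a list, a malformed entry) becomes a bogus base score on the stored finding or an exception inside the helper that aborts the whole import. Tightening the guard to `if isinstance(cvss_score, (int, float)):` keeps the same behaviour for numeric scores and drops anything else; if the feed can also carry the score as a numeric string, coerce with `float()` under a `try`/`except (TypeError, ValueError)` instead. The collapsed layout does not show whether `if not severity:` is nested under the `is not None` check; it should be, so that a missing score never reaches the helper. The diffstat accounts for all 13 changed lines of plugin.py in this one hunk, so `get_severity_from_cvss` must already be imported in the module — worth confirming, since the test only mocks the create* methods. The score is stored unconditionally as a v2 value; if Shodan can emit a v3 score in this field, a version marker rather than a fixed `cvss2` key should decide. `parseOutputString` starts and ends outside the hunk.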
@@ -0,0 +1,32 @@
+import json
+from unittest.mock import Mock
+
+from faraday_plugins.plugins.repo.shodan.plugin import ShodanPlugin
+
+
+def test_shodan_preserves_cvss_score_and_derives_severity():
+ plugin = ShodanPlugin()
+ plugin.createAndAddHost = Mock(return_value="host-id")
+ plugin.createAndAddServiceToHost = Mock(return_value="service-id")
+ plugin.createAndAddVulnToService = Mock()
+
+ plugin.parseOutputString(json.dumps({
+ "ip_str": "203.0.113.10",
+ "port": 443,
+ "transport": "tcp",
+ "hostnames": ["example.test"],
+ "vulns": {
+ "CVE-2024-12345": {
+ "summary": "Example Shodan vulnerability",
+ "references": ["https://example.test/CVE-2024-12345"],
+ "cvss": 7.5,
+ },
+ },
+ }))
+
+ plugin.createAndAddVulnToService.assert_called_once()
+ args, kwargs = plugin.createAndAddVulnToService.call_args
+ assert args[:3] == ("host-id", "service-id", "CVE-2024-12345")
+ assert kwargs["severity"] == "high"
+ assert kwargs["cvss2"] == {"base_score": 7.5}
+ assert kwargs["cve"] == "CVE-2024-12345"
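Review bot: The test pins only the branch where the entry carries `cvss` and no `severity`; the two other branches the plugin change introduces — an entry with an explicit `severity` (which must win over the derived one) and an entry without `cvss` (which must yield `cvss2 == {}` and an empty severity without calling the helper) — are not exercised, and the second of these is the regression most likely to bite on real feeds. A second `vulns` entry with `"cvss"` omitted, followed by `assert kwargs["cvss2"] == {}` on its call, would cover it; `call_args_list` gives both calls. The module-level docstring for the test file is missing; a one-line `"""Regression tests for the Shodan plugin's CVSS/severity mapping."""` would do.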