nuclei-templates/http/vulnerabilities/other/tekon-info-leak.yaml

43 lines
1.2 KiB
YAML
Raw Normal View History

id: tekon-info-leak
info:
name: Tekon - Unauthenticated Log Leak
author: gy741
2022-03-21 11:06:39 +00:00
severity: low
description: A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device
reference:
- https://medium.com/@bertinjoseb/post-auth-rce-based-in-malicious-lua-plugin-script-upload-scada-controllers-located-in-russia-57044425ac38
2024-09-10 09:08:16 +00:00
classification:
cpe: cpe:2.3:o:tekon:kio_firmware:*:*:*:*:*:*:*:*
2022-03-21 11:06:39 +00:00
metadata:
max-request: 1
2024-09-10 08:22:50 +00:00
vendor: tekon
2024-09-10 09:08:16 +00:00
product: kio_firmware
shodan-query: title:"контроллер"
2022-03-21 11:06:39 +00:00
tags: tekon,exposure,unauth
http:
- method: GET
path:
- '{{BaseURL}}/cgi-bin/log.cgi'
2022-03-21 11:06:39 +00:00
max-size: 2048
2023-10-14 11:27:55 +00:00
matchers-condition: and
matchers:
- type: word
2022-03-21 11:06:39 +00:00
part: body
words:
- "-- Logs begin at"
- "end at"
condition: and
2022-03-21 11:06:39 +00:00
- type: word
part: header
words:
- "text/plain"
- type: status
status:
- 200
2024-09-12 05:14:01 +00:00
# digest: 490a00463044022026bc9e66c8c5207652271a96dc13293e52913dec0fc76283dbf711e479fe60b302202ba7b17066648b9793b363977cd8e6171a7663e2347a1a3f66e58d1d4447deb2:922c64590222798bb761d5b6d8e72950