nuclei-templates/cnvd/2020/CNVD-2020-67113.yaml

45 lines
977 B
YAML
Raw Normal View History

id: CNVD-2020-67113
2022-04-04 08:16:17 +00:00
info:
name: H5S CONSOLE Unauthorized Access Vulnerability (CNVD-2020-67113)
author: ritikchaddha
2022-04-04 13:07:21 +00:00
severity: high
2022-04-04 08:16:17 +00:00
description: Zero Vision Technology (Shanghai) Co., Ltd. H5S CONSOLE Exists Unauthorized Access Vulnerability
reference:
- https://vul.wangan.com/a/CNVD-2020-67113
2022-04-04 12:55:57 +00:00
metadata:
shodan-query: http.title:"H5S CONSOLE"
tags: h5s,unauth,h5sconsole,cnvd,cnvd2020
2022-04-04 08:16:17 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/api/v1/GetSrc"
- "{{BaseURL}}/api/v1/GetDevice"
2022-04-04 13:06:10 +00:00
stop-at-first-match: true
2022-04-04 08:16:17 +00:00
matchers-condition: and
matchers:
- type: word
part: body
2022-04-04 08:16:17 +00:00
words:
- 'strUser'
2022-04-04 12:58:41 +00:00
- 'strPasswd'
2022-04-04 08:16:17 +00:00
condition: and
- type: word
part: body
words:
- 'H5_AUTO'
2022-04-04 12:58:41 +00:00
- 'H5_DEV'
condition: or
2022-04-04 08:16:17 +00:00
- type: word
part: header
words:
- "application/json"
2022-04-04 08:16:17 +00:00
- type: status
status:
- 200