nuclei-templates/http/misconfiguration/installer/tautulli-install.yaml

32 lines
836 B
YAML
Raw Normal View History

2023-10-31 06:10:10 +00:00
id: tautulli-install
info:
2023-10-31 10:43:35 +00:00
name: Tautulli - Exposed Installation
2023-12-11 15:35:41 +00:00
description: Tautulli setup page is susceptible to sensitive information disclosure due to misconfiguration.
2023-10-31 06:10:10 +00:00
author: ritikchaddha
severity: high
metadata:
verified: true
max-request: 1
2023-10-31 06:47:27 +00:00
shodan-query: title:"Tautulli - Welcome"
2023-10-31 06:10:10 +00:00
tags: misconfig,tautulli,install
http:
- method: GET
path:
- "{{BaseURL}}/welcome"
matchers-condition: and
matchers:
- type: word
words:
- '<title>Tautulli - Welcome'
- 'Tautulli Setup Wizard'
condition: or
- type: status
status:
- 200
# digest: 4a0a00473045022003e945b43ba5589fe6afe1630beafd30a7e5c6e9cbbd7d05329110b7dca63195022100f367fe96b977d613dd829ed31a000d7a00b1e6443f2555efc0bcebe498065bd4:922c64590222798bb761d5b6d8e72950