nuclei-templates/http/misconfiguration/hp/unauthorized-printer-hp.yaml

32 lines
976 B
YAML
Raw Normal View History

id: unauthorized-printer-hp
info:
name: Unauthorized HP office pro printer
author: pussycat0x,r3naissance
severity: high
2024-01-03 06:08:41 +00:00
description: HP office pro printer web access is exposed.
2024-09-10 09:08:16 +00:00
classification:
cpe: cpe:2.3:h:hp:officejet_pro_8730_m9l80a:*:*:*:*:*:*:*:*
metadata:
max-request: 2
2024-09-10 08:22:50 +00:00
vendor: hp
2024-09-10 09:08:16 +00:00
product: officejet_pro_8730_m9l80a
shodan-query: http.title:"Hp Officejet pro"
tags: hp,iot,unauth,misconfig
http:
- method: GET
path:
- "{{BaseURL}}"
- "{{BaseURL}}/hp/device/webAccess/index.htm?content=security"
matchers-condition: and
matchers:
- type: regex
regex:
- '<title>(HP Officejet Pro([ 0-9A-Za-z]+)|HP Designjet([ 0-9A-Za-z]+).*)<\/title>'
- type: status
status:
- 200
2024-09-12 05:14:01 +00:00
# digest: 490a004630440220121137a3cdb39c9453ad857391ed831961a27c250fd1aac72eca5fb514adfe0502205e5fa204c7e6ba24124306e63c367c9343302bd9024c69f259612fae0587f7da:922c64590222798bb761d5b6d8e72950