id: hikvision-info-leak
info:
name: Hikvision Configuration File - Detect
author: pikpikcu
severity: medium
description: Hikvision configuration file was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
metadata:
max-request: 1
tags: exposure,config,hikvision
http:
- method: GET
path:
- '{{BaseURL}}/config/user.xml'
matchers-condition: and
matchers:
- type: word
words:
- '<user name='
- 'password='
condition: and
- "text/xml"
part: header
# digest: 4b0a004830460221009cd9b295b39e61edce6b3e892e80f18f68acb9338f13585424958430da7f8c02022100a428761a845a5b20ec596deeb2313579bdaff2f1c471dd9a00afab97ea1889e0:922c64590222798bb761d5b6d8e72950