Merge pull request #7252 from For3stCo1d/CVE-2023-29857

Create CVE-2023-29857.yaml
2023-05-18 16:18:00 +05:30 · 2023-05-18 16:18:00 +05:30 · 5238ad2b92
parent f31b70b691 9a29b00f3f
commit 5238ad2b92
1 changed files with 39 additions and 0 deletions
--- a/http/misconfiguration/teslamate-unauth-access.yaml
+++ b/http/misconfiguration/teslamate-unauth-access.yaml
@ -0,0 +1,39 @@
+id: teslamate-unauth-access
+
+info:
+  name: TeslaMate - Unauthenticated Access
+  author: For3stCo1d
+  severity: medium
+  description: |
+    A misconfig in Teslamate allows unauthorized access to /settings endpoint.
+  metadata:
+    max-req: 1
+    verified: "true"
+    shodan-query: http.favicon.hash:-1478287554
+    fofa-query: title="teslamate"
+  tags: misconfig,teslamate,unauth
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/settings"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Settings · TeslaMate"
+          - "URLs</h2>"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - "<td>([0-9.]+)<strong>"