daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix reference

patch-1
Dhiyaneshwaran 2023-07-08 12:22:18 +05:30 committed by GitHub
parent a7e213703b
commit 6f0e0b1b92
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
http/misconfiguration/d-link-auth-bypass.yaml
View File

@ -1,18 +1,18 @@
id: d-link-auth-bypass
info:
name: D-Link DAP-1325 - Authentication Bypass
name: D-Link DAP-1325 - Broken Access Control
author: gy741
severity: critical
description: |
Security vulnerability known as Unauthenticated access to settings or Unauthenticated configuration download. This vulnerability occurs when a device, such as a repeater, allows the download of user settings without requiring proper authentication.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-287
reference:
- https://www.exploit-db.com/exploits/51556
tags: config,dump,dlink,unauth
- https://www.dropbox.com/s/eqz0ntlzqp5472l/DAP-1325.mp4?dl=0
metadata:
max-request: 1
shodan-query: title:"D-LINK"
tags: config,dump,dlink,auth-bypass
http:
- method: GET