daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated path & name

patch-1
Ritik Chaddha 2023-05-18 14:38:41 +05:30 committed by GitHub
parent b36fc6a71b
commit 76a9dfce33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
http/cves/2023/CVE-2023-29857.yaml → http/misconfiguration/teslamate-unauth-access.yaml
View File

@ -1,20 +1,17 @@
id: CVE-2023-29857
id: teslamate-unauth-access
info:
name: TeslaMate v1.27.1 - Unauthenticated Access
name: TeslaMate - Unauthenticated Access
author: For3stCo1d
severity: high
severity: medium
description: |
An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link.
reference:
- https://github.com/Langangago/Cve-number/blob/main/README.md
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29857
A misconfig in Teslamate allows unauthorized access to /settings endpoint.
metadata:
max-req: 1
verified: "true"
shodan-query: title:"TeslaMate"
fofa-query: title="teslamate"
tags: cve,cve2023,teslamate,unauth
tags: misconfig,teslamate,unauth
http:
- method: GET
@ -33,3 +30,10 @@ http:
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- "<td>([0-9.]+)<strong>"