daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-03-10 11:41:02 -05:00
parent 9d16e0c7ee
commit 783914f71c
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml
View File

@ -1,12 +1,16 @@
id: openbmcs-secret-disclosure
info:
name: OpenBMCS 2.4 Secrets Disclosure
name: OpenBMCS 2.4 - Information Disclosure
author: dhiyaneshDK
severity: high
description: The application allows directory listing and information disclosure of some sensitive files that can allow an attacker to leverage the disclosed information and gain full BMS access
description: OpenBMCS 2.4 contains an information disclosure vulnerability. The application allows directory listing and exposure of some sensitive files, which can allow an attacker to leverage the disclosed information and gain full access.
reference:
- https://www.exploit-db.com/exploits/50671
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
metadata:
shodan-query: http.favicon.hash:1550906681
tags: misconfig,edb,openbmcs
@ -27,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2023/03/10