Merge pull request #7956 from projectdiscovery/pussycat0x-patch-5

CAIMORE Gateway Default Login - Detect
2023-08-18 10:35:46 +05:30 · 2023-08-18 10:35:46 +05:30 · 805e9ffd1e
parent 8fabc8eb49 f20c0ec18a
commit 805e9ffd1e
1 changed files with 39 additions and 0 deletions
--- a/http/default-logins/caimore/caimore-default-login.yaml
+++ b/http/default-logins/caimore/caimore-default-login.yaml
@ -0,0 +1,39 @@
+id: caimore-default-login
+
+info:
+  name: CAIMORE Gateway  Default Login - Detect
+  author: pussycat0x
+  severity: high
+  description: |
+    The gateway of Xiamen Caimao Communication Technology Co., Ltd. is designed with open software architecture. It is a metal shell design, with two Ethernet RJ45 interfaces, and an industrial design wireless gateway using 3G/4G/5G wide area network for Internet communication. There is a command execution vulnerability in the formping file of the gateway of Xiamen Caimao Communication Technology Co., Ltd. An attacker can use this vulnerability to arbitrarily execute code on the server side, write to the back door, obtain server permissions, and then control the entire web server.
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: app="CAIMORE-Gateway"
+  tags: ciamore-gateway,default-login
+
+http:
+  - raw:
+      - |
+        GET /index.asp HTTP/1.1
+        Host: {{Hostname}}
+        Accept-Encoding: gzip, deflate
+        Authorization: Basic {{base64(username + ':' + password)}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - admin
+      password:
+        - admin
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "AR9344_GATEWAY"
+
+      - type: status
+        status:
+          - 200