daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update commax-biometric-auth-bypass.yaml

patch-1
Prince Chaddha 2022-05-31 14:30:59 +05:30 committed by GitHub
parent c4e9ddf1f0
commit 9a4a006909
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
vulnerabilities/other/commax-biometric-auth-bypass.yaml
View File

@ -4,7 +4,8 @@ info:
name: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass
author: gy741
severity: critical
description: COMMAX Biometric Access Control System 1.0.0 suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
description: |
COMMAX Biometric Access Control System 1.0.0 suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
reference:
- https://www.exploit-db.com/exploits/50206
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5661.php
@ -21,11 +22,9 @@ requests:
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- "<title>::: COMMAX :::</title>"
@ -34,4 +33,7 @@ requests:
words:
- "text/html"
- type: status
status:
- 200
# Enhanced by mp on 2022/05/27