Update fatpipe-networks-warp-backdoor.yaml
parent
606d2b5ea4
commit
9e25b4871e
|
@ -7,7 +7,8 @@ info:
|
|||
description: The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
|
||||
reference:
|
||||
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5684.php
|
||||
tags: fatpipe,default-login,backdoor
|
||||
- https://www.fatpipeinc.com/support/advisories.php
|
||||
tags: fatpipe,default-login,backdoor,auth-bypass
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -31,6 +32,6 @@ requests:
|
|||
|
||||
- type: word
|
||||
words:
|
||||
- "success"
|
||||
- "loginRes"
|
||||
- '"loginRes":"success"'
|
||||
- '"activeUserName":"cmuser"'
|
||||
condition: and
|
||||
|
|
Loading…
Reference in New Issue