daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update fatpipe-networks-warp-backdoor.yaml

patch-1
Prince Chaddha 2021-09-30 16:13:19 +05:30 committed by GitHub
parent 606d2b5ea4
commit 9e25b4871e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
vulnerabilities/other/fatpipe-networks-warp-backdoor.yaml
View File

@ -7,7 +7,8 @@ info:
description: The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application. description: The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
reference: reference:
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5684.php - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5684.php
tags: fatpipe,default-login,backdoor - https://www.fatpipeinc.com/support/advisories.php
tags: fatpipe,default-login,backdoor,auth-bypass
requests: requests:
- raw: - raw:
@ -31,6 +32,6 @@ requests:
- type: word - type: word
words: words:
- "success" - '"loginRes":"success"'
- "loginRes" - '"activeUserName":"cmuser"'
condition: and condition: and