daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update fatpipe-networks-warp-backdoor.yaml

patch-1
Prince Chaddha 2021-09-30 16:13:19 +05:30 committed by GitHub
parent 606d2b5ea4
commit 9e25b4871e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
vulnerabilities/other/fatpipe-networks-warp-backdoor.yaml
View File

@ -7,7 +7,8 @@ info:
description: The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
reference:
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5684.php
tags: fatpipe,default-login,backdoor
- https://www.fatpipeinc.com/support/advisories.php
tags: fatpipe,default-login,backdoor,auth-bypass
requests:
- raw:
@ -31,6 +32,6 @@ requests:
- type: word
words:
- "success"
- "loginRes"
- '"loginRes":"success"'
- '"activeUserName":"cmuser"'
condition: and