daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lint fix

patch-1
sandeep 2021-10-14 19:50:43 +05:30
parent 558272470e
commit adfbed9d51
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
vulnerabilities/other/ecoa-building-lfi.yaml
View File

@ -5,7 +5,7 @@ info:
author: gy741
severity: high
description: The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
reference:
reference:
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5670.php
- https://www.twcert.org.tw/en/cp-139-5140-6343c-2.html
tags: ecoa,lfi,cve-2021-41291

2
vulnerabilities/other/karel-ip-phone-lfi.yaml
View File

@ -4,7 +4,7 @@ info:
name: Karel IP Phone IP1211 Web Management Panel - Directory Traversal
author: 0x_Akoko
severity: high
description: A vulnerability in the Karel IP Phone IP1211 Web Management Panel allows remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter.
description: A vulnerability in the Karel IP Phone IP1211 Web Management Panel allows remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter.
reference:
- https://cxsecurity.com/issue/WLB-2020100038
- https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon