daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update beward-ipcamera-disclosure.yaml

patch-1
Prince Chaddha 2021-08-16 16:37:34 +05:30 committed by GitHub
parent 4e498a6478
commit af4f29ab03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
vulnerabilities/other/beward-ipcamera-disclosure.yaml
View File

@ -2,11 +2,13 @@ id: beward-ipcamera-disclosure
info: info:
name: BEWARD N100 H.264 VGA IP Camera M2.1.6 Arbitrary File Disclosure name: BEWARD N100 H.264 VGA IP Camera M2.1.6 Arbitrary File Disclosure
description: The N100 compact color IP camera suffers from an authenticated file disclosure vulnerability. Input passed via the READ.filePath parameter in fileread script is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via absolute path or via the SendCGICMD API.
reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5511.php
author: geeknik author: geeknik
severity: high severity: high
tags: beward,iot,camera,disclosure description: The N100 compact color IP camera suffers from an authenticated file disclosure vulnerability. Input passed via the READ.filePath parameter in fileread script is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via absolute path or via the SendCGICMD API.
reference: |
- https://www.exploit-db.com/exploits/46320
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5511.php
tags: iot,camera,disclosure
requests: requests:
- method: GET - method: GET
@ -20,7 +22,7 @@ requests:
- type: regex - type: regex
regex: regex:
- 'root:[x*]:0:0:' - 'root:[x*]:0:0:'
condition: or
- type: status - type: status
status: status:
- 200 - 200