id: avtech-dvr-exposure

info:
  name: AVTECH AVC798HA DVR - Information Exposure
  author: geeknik
  severity: low
  description: AVTECH AVC798HA DVR is susceptible to information exposure. CGI scripts in the /cgi-bin/nobody directory can be accessed without authentication. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - http://www.avtech.com.tw/
  metadata:
    max-request: 1
  tags: dvr,exposure,avtech,panel

http:
  - method: GET
    path:
      - "{{BaseURL}}/cgi-bin/nobody/Machine.cgi?action=get_capability"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Firmware.Version="
          - "MACAddress="
          - "Product.Type="
        condition: and

# digest: 4b0a00483046022100e27ed288a5450a02ba27d7938d5320f256bdad6ec0415088a630a94ff3320cad022100f29436d821b9b80d0cc2f2e2cf37fa3bc8fef37192cba521cb0d36683c1e66a1:922c64590222798bb761d5b6d8e72950