id: tekon-info-leak info: name: Tekon - Unauthenticated Log Leak author: gy741 severity: low description: A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device reference: - https://medium.com/@bertinjoseb/post-auth-rce-based-in-malicious-lua-plugin-script-upload-scada-controllers-located-in-russia-57044425ac38 metadata: max-request: 1 shodan-query: title:"контроллер" tags: tekon,exposure,unauth http: - method: GET path: - '{{BaseURL}}/cgi-bin/log.cgi' max-size: 2048 matchers-condition: and matchers: - type: word part: body words: - "-- Logs begin at" - "end at" condition: and - type: word part: header words: - "text/plain" - type: status status: - 200 # digest: 4b0a00483046022100a57eb472f2a72479eb5ca9ad13b3b597f6e62dae0dcd631fd8cb96a1800c56fa022100ce652d5d520a1d37a0a0aed2f4c3a784a599a7aed0210bafb268def1b0c305b0:922c64590222798bb761d5b6d8e72950