id: webdav-enabled info: name: WebDAV Protocol - Detect author: tess severity: info description: | WebDAV protocol was detected. remediation: | Recommended disabling if not currently in use. reference: - https://www.acunetix.com/vulnerabilities/web/webdav-enabled/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: "true" shodan-query: "Ms-Author-Via: DAV" tags: webdav,misconfig,exposure requests: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} - | OPTIONS / HTTP/1.1 Host: {{Hostname}} - | OPTIONS / HTTP/1.1 Host: {{Hostname}} Authorization: Basic YW5vbnltb3VzOmFub255bW91cw== stop-at-first-match: true matchers: - type: word part: header words: - "Ms-Author-Via: DAV" # Enhanced by md on 2023/02/06