id: tasmota-install

info:
  name: Tasmota Installer Exposure
  author: ritikchaddha
  severity: high
  description: Tasmota is susceptible to the Installation page exposure due to misconfiguration.
  classification:
    cpe: cpe:2.3:o:tasmota_project:tasmota:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: tasmota_project
    product: tasmota
    shodan-query: title:"Tasmota"
  tags: misconfig,tasmota,install,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/install/"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Install Tasmota"
          - "Tasmota Installer"
        condition: or

      - type: status
        status:
          - 200
# digest: 490a00463044022039761e6426b69cd2fb9da1251b61531ad8574ed9a00640b9ac0a5054f58cc2e50220090b6fc865528b024af8ad03b08ae6cec5a23d6338a5932cbeacd12424cbbc00:922c64590222798bb761d5b6d8e72950