id: iotawatt-app-exposure info: name: IoTaWatt Configuration app author: pussycat0x severity: high description: unauthenticated IoTaWatt energy monitor leads to upload to any of several third-party energy websites/database metadata: fofa-dork: 'app="IoTaWatt-Configuration-app"' tags: iot,exposure requests: - method: GET path: - "{{BaseURL}}" matchers-condition: and matchers: - type: word words: - '

Configure IoTaWatt Device

' - 'IoTaWatt Configuration app' condition: and part: body - type: status status: - 200