id: openbmcs-secret-disclosure

info:
  name: OpenBMCS 2.4 - Information Disclosure
  author: dhiyaneshDK
  severity: high
  description: OpenBMCS 2.4 contains an information disclosure vulnerability. The application allows directory listing and exposure of some sensitive files, which can allow an attacker to leverage the disclosed information and gain full access.
  reference:
    - https://www.exploit-db.com/exploits/50671
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cwe-id: CWE-200
  metadata:
    max-request: 1
    shodan-query: http.favicon.hash:1550906681
  tags: misconfig,edb,openbmcs

http:
  - method: GET
    path:
      - "{{BaseURL}}/debug/"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "change_password_sqls"
          - "Index of /debug"
        condition: and

      - type: status
        status:
          - 200

# digest: 490a00463044022073f533a2f8d0320492227b718112596694fdfcd1b884fe0396ed1a22440370ae02204fb250db80cc95e534767ce315be596ad551bdaa642e74f66f3db6169c20212b:922c64590222798bb761d5b6d8e72950