id: canon-c3325-unauth

info:
  name: Canon R-ADV C3325 - Unauth
  author: ritikchaddha
  severity: high
  description: |
    Canon R-ADV C3325 unauthenticated dashboard has been exposed.
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"c3325"
  tags: canon,c3325,unauth,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "writeln('Log Out"
          - "Remote UI : Portal"
        condition: and

      - type: status
        status:
          - 200
# digest: 4b0a0048304602210083291bfa27c2698c070fa13a163c87c97feaa394c167665d9d53f0a3cf2ff683022100bc5d939ab6d5ade90a3e1bf79e3909c5f9549888fbd3a00a73e1e8d02227e7a9:922c64590222798bb761d5b6d8e72950