id: avtech-dvr-exposure

info:
  name: AVTECH AVC798HA DVR - Information Exposure
  author: geeknik
  severity: low
  description: AVTECH AVC798HA DVR is susceptible to information exposure. CGI scripts in the /cgi-bin/nobody directory can be accessed without authentication. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - http://www.avtech.com.tw/
  metadata:
    max-request: 1
  tags: dvr,exposure,avtech,panel

http:
  - method: GET
    path:
      - "{{BaseURL}}/cgi-bin/nobody/Machine.cgi?action=get_capability"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Firmware.Version="
          - "MACAddress="
          - "Product.Type="
        condition: and