nuclei-templates/http/exposed-panels/arcserve-panel.yaml

40 lines
1.0 KiB
YAML

id: arcserve-panel
info:
name: ArcServe Panel - Detect
author: DhiyaneshDk
severity: info
reference:
- https://twitter.com/HunterMapping/status/1674267368359444480
- https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe
classification:
cpe: cpe:2.3:a:arcserve:udp:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: arcserve
product: udp
shodan-query:
- http.favicon.hash:-1889244460
- http.favicon.hash:"-1889244460"
fofa-query: icon_hash="-1889244460"
tags: panel,login,arcserve,detect
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Arcserve UDP"
- "/arcserve.js"
condition: or
- type: status
status:
- 200
# digest: 4b0a00483046022100b0fe46eeedfd7d75402634ec0af24f6657e3c725d982e73fc172b4356fb2492a022100be2368c6c77c1d134fe9952c35b1ccfc337e1bd72bffdead5ea76b23853d6b96:922c64590222798bb761d5b6d8e72950