nuclei-templates/http/exposed-panels/avtech-dvr-exposure.yaml

30 lines
837 B
YAML

id: avtech-dvr-exposure
info:
name: AVTECH AVC798HA DVR - Information Exposure
author: geeknik
severity: low
description: AVTECH AVC798HA DVR is susceptible to information exposure. CGI scripts in the /cgi-bin/nobody directory can be accessed without authentication. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- http://www.avtech.com.tw/
tags: dvr,exposure,avtech,panel
metadata:
max-request: 1
http:
- method: GET
path:
- "{{BaseURL}}/cgi-bin/nobody/Machine.cgi?action=get_capability"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "Firmware.Version="
- "MACAddress="
- "Product.Type="
condition: and