daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/file/audit/pfsense/password-protected-consolem...

34 lines
837 B
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

id: password-protected-consolemenu
info:
name: Configure Password Protected on Console Menu
author: pussycat0x
severity: info
description: |
An unattended computer with an open Console Menu session to the device could allow an unauthorized user access to the firewalls management.
reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
metadata:
verified: true
tags: firewall,config,audit,pfsense,file
file:
- extensions:
- xml
matchers-condition: and
matchers:
- type: word
words:
- "<disableconsolemenu>"
- "<disableconsolemenu>1</disableconsolemenu>"
condition: or
negative: true
- type: word
words:
- "<pfsense>"
- "<webgui>"
- "<system>"
condition: and
Reference in New Issue View Git Blame Copy Permalink