Vulnerability Information
Vulnerability name: DD-WRT Control Panel - Exposure
Vulnerability type: Unauthorized access
Severity: Low
Description: DD-WRT is a widely used router firmware that provides a rich set of networking and management features for home and enterprise environments. Its control panel lets users change all kinds of configuration, such as network settings and security options. In some deployments, however, access control for the control panel is not configured correctly, which leads to unauthorized access. The vulnerability is classified as unauthorized access: because an appropriate access-control mechanism is missing, an attacker can reach the control panel without authenticating and view sensitive information or change the configuration. The severity is rated low because the issue does not directly allow code execution or data modification, but unauthorized access may still lead to information disclosure or create the conditions for further attacks. Exploitation requires no authentication, and the exposure can be detected with automated tools, which increases the risk of malicious use.
Vendor: DD-WRT
Product: DD-WRT Control Panel
Search query: http.favicon.hash:252728887
Source: https://github.com/projectdiscovery/nuclei-templates/blob/a7885ff0600224212809b9b289a0595a9598f0d9/http%2Fmisconfiguration%2Fdd-wrt-controlpanel-exposure.yaml
Type: projectdiscovery/nuclei-templates:github issues
POC details
id: dd-wrt-controlpanel-exposure

info:
  name: DD-WRT Control Panel - Exposure
  author: DhiyaneshDk
  severity: low
  description: |
    The DD-WRT web interface was found exposed without proper access controls, potentially allowing unauthorized users to view.
  reference:
    - https://wiki.dd-wrt.com/wiki/index.php/Web_interface
    - https://dd-wrt.com/
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:252728887
  tags: dd-wrt,exposure,unauth

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: dsl
        dsl:
          - "contains_all(body, 'DD-WRT Control Panel','WAN IPv6')"
          - "status_code == 200"
        condition: and
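The template's matcher is a two-part DSL expression joined with `condition: and`: the response body must contain both marker strings and the status code must be 200. The following Python is an added example, not part of nuclei or the template, that reproduces that matcher logic over raw HTTP responses so an administrator can confirm what an unauthenticated request to their own router's web interface returns. The three sample responses are constructed for illustration (the 401 response with a Basic realm is what a panel that still enforces authentication would typically return); `parse_http_response`, `contains_all` and `matches_exposure` are helper names chosen here.

```python
# Reproduces the nuclei matcher from the dd-wrt-controlpanel-exposure template:
#   contains_all(body, 'DD-WRT Control Panel', 'WAN IPv6')  AND  status_code == 200
# Added example; not code from nuclei or the template author.

MARKERS = ("DD-WRT Control Panel", "WAN IPv6")  # strings from the template's contains_all()


def parse_http_response(raw: bytes) -> tuple[int, str]:
    """Split a raw HTTP/1.x response into (status_code, body).

    Headers are only used to find the blank line that ends them; the status
    code is taken from the second field of the status line ("HTTP/1.1 200 OK").
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line = head.split(b"\r\n", 1)[0]
    status_code = int(status_line.split(maxsplit=2)[1])
    return status_code, body.decode("utf-8", errors="replace")


def contains_all(body: str, *needles: str) -> bool:
    """Equivalent of the nuclei DSL contains_all(): every needle must occur in body."""
    return all(needle in body for needle in needles)


def matches_exposure(raw: bytes) -> bool:
    """True only when both DSL expressions hold (the template's condition: and)."""
    status_code, body = parse_http_response(raw)
    return contains_all(body, *MARKERS) and status_code == 200


# Constructed sample responses (not captured from a real device).
EXPOSED = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
    b"<html><title>DD-WRT Control Panel</title>"
    b"<div>WAN IPv6 Address</div></html>"
)
PROTECTED = (
    b"HTTP/1.1 401 Unauthorized\r\n"
    b'WWW-Authenticate: Basic realm="DD-WRT"\r\n\r\n'
    b"<html>401 Unauthorized</html>"
)
OTHER_200 = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
    b"<html><title>Some other device</title></html>"
)


def classify(raw: bytes) -> str:
    """Human-readable verdict for one response."""
    return "exposed control panel" if matches_exposure(raw) else "not matched"


if __name__ == "__main__":
    for name, raw in (("exposed", EXPOSED), ("protected", PROTECTED), ("other", OTHER_200)):
        print(f"{name:>9}: {classify(raw)}")
```

Only the first sample matches: the 401 response fails the `status_code == 200` test even though its realm names the product, and the unrelated 200 page fails `contains_all` because neither marker is present. If a panel on your own network matches, the fix is to enable the web interface's authentication and restrict management access to the LAN side.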