Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

AEM GQLServlet

By kannthu

Low
Vidoc logoVidoc Module
#aem
Description

What is the "AEM GQLServlet" module?

The "AEM GQLServlet" module is a test case in the Vidoc platform that detects misconfigurations or vulnerabilities in Adobe Experience Manager (AEM) instances. It specifically targets the GQLServlet component in AEM.

This module has a low severity level, indicating that the detected issues may have limited impact or pose a lower risk.

The original authors of this module are dhiyaneshDk and prettyboyaaditya.

Impact

The "AEM GQLServlet" module aims to identify potential misconfigurations or vulnerabilities in the GQLServlet component of Adobe Experience Manager. If any issues are found, it could potentially lead to unauthorized access, data leaks, or other security risks.

How does the module work?

The "AEM GQLServlet" module utilizes HTTP request templates and matching conditions to perform its scanning. It sends various GET requests to the GQLServlet endpoint with different query parameters and path prefixes.

For example, one of the HTTP requests sent by this module is:

GET /bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico

The module then applies matching conditions to the responses received from the server. It checks if the response status is 200 (indicating a successful request) and if certain words like "excerpt," "path," and "hits" are present in the response content.

If all the matching conditions are met, the module reports a potential misconfiguration or vulnerability in the GQLServlet component of AEM.

It's important to note that this module is designed to provide accurate and reliable results based on the defined matching conditions. However, it's always recommended to further investigate and address any identified issues to ensure the security of your AEM instance.

For more information about the AEM GQLServlet module, you can refer to the official Adobe Experience Manager documentation.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/bin/wcm/search/gql..../bin/wcm/search/gql..../bin/wcm/search/gql....(+26 paths)
Matching conditions
status: 200and
word: excerpt, path, hits
Passive global matcher
No matching conditions.
On match action
Report vulnerability