Allied Telesis Device GUI Login Panel - Detect

What is the "Allied Telesis Device GUI Login Panel - Detect?"

The "Allied Telesis Device GUI Login Panel - Detect" module is designed to detect the presence of the Allied Telesis Device GUI login panel. This module focuses on identifying the login panel of Allied Telesis devices, which allows users to access the graphical user interface (GUI) of the device. The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by prajiteshsingh.

Impact

This module does not have a direct impact on the security of the device or network. It solely aims to detect the presence of the Allied Telesis Device GUI login panel.

How does the module work?

The module works by sending an HTTP GET request to the "/public/login.html" path of the target device. It then applies several matching conditions to determine if the login panel belongs to an Allied Telesis device:

- The response body must contain the HTML title tag "<title>Allied Telesis Device GUI</title>". - The response header must include the content type "text/html". - The HTTP status code must be 200 (OK).

If all of these conditions are met, the module reports a successful detection of the Allied Telesis Device GUI login panel.

Classification:

CWE-ID: CWE-200

CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Reference:

- https://www.alliedtelesis.com/in/en

Metadata:

max-request: 1

verified: true

shodan-query: title:"All"