AVTECH AVC798HA DVR - Information Exposure

What is "AVTECH AVC798HA DVR - Information Exposure?"

The "AVTECH AVC798HA DVR - Information Exposure" module is designed to detect the vulnerability of AVTECH AVC798HA DVR to information exposure. This module targets the AVTECH AVC798HA DVR software, which is a digital video recorder used for surveillance purposes. The severity of this vulnerability is classified as low. The original author of this module is geeknik.

Impact

If exploited, this vulnerability allows unauthorized access to CGI scripts in the /cgi-bin/nobody directory of the AVTECH AVC798HA DVR without authentication. This can potentially lead to the exposure of sensitive information, unauthorized data modification, and execution of unauthorized operations.

How does the module work?

The module sends an HTTP GET request to the path "/cgi-bin/nobody/Machine.cgi?action=get_capability" of the AVTECH AVC798HA DVR. It then applies matching conditions to the response to determine if the vulnerability is present.

The matching conditions used in this module are:

- Status code 200: The response status code must be 200. - Presence of specific words: The response must contain the words "Firmware.Version=", "MACAddress=", and "Product.Type=".

If both matching conditions are met, the module identifies the AVTECH AVC798HA DVR as vulnerable to information exposure.

For more information, please refer to the reference.