Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

AVTECH Video Surveillance Product - Unauthenticated File Download

By kannthu

High
Vidoc logoVidoc Module
#exposure#avtech#unauth#download#iot
Description

What is the "AVTECH Video Surveillance Product - Unauthenticated File Download?"

The "AVTECH Video Surveillance Product - Unauthenticated File Download" module is designed to detect a vulnerability in AVTECH video surveillance products. This vulnerability allows unauthenticated users to download files from the web root through the "/cgi-bin/cgibox" endpoint. The severity of this vulnerability is classified as high.

This module was authored by ritikchaddha.

Impact

If exploited, this vulnerability can allow unauthorized users to download sensitive files from the AVTECH video surveillance system. This can lead to unauthorized access to confidential information, compromise of the system's integrity, and potential privacy breaches.

How the module works?

The module works by sending HTTP requests to the targeted AVTECH video surveillance system. It specifically targets the "/cgi-bin/cgibox" endpoint and appends "?cab" to the file name to trigger the file download functionality.

The module includes the following matching conditions:

- The response body must contain the strings "ELF" and "ddns_avtech_final". - The response header must include the string "text/plain". - The HTTP status code must be 200.

When all of these conditions are met, the module reports a vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/cgi-bin/cgibox?.cab/cgi-bin/cgibox?/nob...
Matching conditions
word: ELF, ddns_avtech_finaland
word: text/plainand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability