Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Caucho Resin Information Disclosure" module is designed to detect a specific vulnerability in the Caucho Resin software. This vulnerability can lead to the disclosure of sensitive information. The severity of this vulnerability is classified as high. The module was authored by princechaddha.
If exploited, the "Caucho Resin Information Disclosure" vulnerability can result in the exposure of sensitive information. This can potentially lead to unauthorized access, data breaches, and other security risks.
The module works by sending an HTTP request to the target server and analyzing the response. It specifically looks for a certain path ("/%20../web-inf/") and checks if the response status is 200 (OK) and if the response body contains specific words ("/ ../web-inf/" and "Directory of /"). If these conditions are met, the module identifies the presence of the vulnerability.
Here is an example of the HTTP request sent by the module:
GET /%20../web-inf/
The module uses the following matching conditions:
- Status: 200 (OK) - Response body contains: "/ ../web-inf/" and "Directory of /"When these matching conditions are satisfied, the module reports the vulnerability.