ConnectWise Server Backup Manager SE Panel - Detect

What is the "ConnectWise Server Backup Manager SE Panel - Detect" module?

The "ConnectWise Server Backup Manager SE Panel - Detect" module is designed to detect the presence of the ConnectWise Server Backup Manager SE login panel. ConnectWise Server Backup Manager SE is a software used for server backup management. This module focuses on identifying potential misconfigurations or vulnerabilities related to the login panel.

The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate security risk.

This module was authored by prajiteshsingh.

Impact

This module does not directly impact the system or software being scanned. Instead, it provides information about the presence of the ConnectWise Server Backup Manager SE login panel, which can help identify potential security risks or misconfigurations.

How does the module work?

The module works by sending an HTTP GET request to the "/login.zul" path of the target system. It then applies matching conditions to determine if the response contains the phrase "Server Backup Manager SE" in the body and if the response status is 200 (OK).

Example HTTP request:

GET /login.zul

The module uses the following matching conditions:

- The response body must contain the phrase "Server Backup Manager SE". - The response status must be 200 (OK).

If both conditions are met, the module will report the detection of the ConnectWise Server Backup Manager SE login panel.

For more information, you can refer to the ConnectWise security bulletin.