
Dlink Dir-850L Info Leak

By kannthu

Informative
Vidoc Module
#dlink
Description


What is the "Dlink Dir-850L Info Leak"?

The "Dlink Dir-850L Info Leak" module is designed to detect an information leakage vulnerability in the Dlink Dir-850L software. This vulnerability can potentially expose sensitive information to unauthorized users. The severity of this vulnerability is classified as informative, indicating that it provides valuable information but does not pose an immediate threat.

This module was authored by pikpikcu.

Impact

The information leakage vulnerability in the Dlink Dir-850L software can allow unauthorized users to access sensitive data. This can include user IDs and passwords, which can be used for unauthorized access to the system or other malicious activities. It is important to address this vulnerability to protect the confidentiality of user information.

How does the module work?

The "Dlink Dir-850L Info Leak" module works by sending a specific HTTP request to the target system. It checks for specific conditions in the response to determine if the information leakage vulnerability is present.

One example of an HTTP request used by this module is:

POST /hedwig.cgi HTTP/1.1
Host: [target_host]
Cookie: uid=R8tBjwtFc8
Content-Type: text/xml

[request_body]

The module then applies matching conditions to the response to identify the presence of the vulnerability. In this case, it checks for a response status code of 200 and the presence of specific words, such as "</usrid>" and "</password>", in the response body.

If these conditions are met, the module will report the vulnerability, indicating that the information leakage vulnerability is present in the target system.
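The matching step described above can be reproduced offline against a captured response. The following is an added example, not the module's own code: it parses a raw HTTP response, applies the status and word conditions, and masks the leaked values so a finding can be stored without the credentials. It assumes both words must be present and that the values sit between matching opening and closing tags; the function names and sample responses are constructed for illustration.

```python
import re

# Matching conditions taken from the module preview.
REQUIRED_STATUS = 200
REQUIRED_WORDS = ("</usrid>", "</password>")  # assumption: all words must be present


def parse_response(raw: str):
    """Split a raw HTTP/1.x response into (status_code, body)."""
    raw = raw.replace("\r\n", "\n")  # tolerate CRLF and bare LF captures
    head, _, body = raw.partition("\n\n")
    m = re.match(r"HTTP/\d\.\d (\d{3})", head.split("\n", 1)[0])
    if not m:
        raise ValueError("not an HTTP response")
    return int(m.group(1)), body


def matches(raw: str) -> bool:
    """True only when the status AND every required word match."""
    status, body = parse_response(raw)
    return status == REQUIRED_STATUS and all(w in body for w in REQUIRED_WORDS)


def redact(body: str) -> str:
    """Mask values inside <usrid>/<password> elements before reporting."""
    return re.sub(r"(<(usrid|password)>).*?(</\2>)", r"\1[REDACTED]\3",
                  body, flags=re.S)


# Constructed sample responses (not captured from a real device).
LEAKY = ("HTTP/1.1 200 OK\r\nContent-Type: text/xml\r\n\r\n"
         "<account><usrid>constructed-user</usrid>"
         "<password>constructed-pass</password></account>")
ONE_WORD = "HTTP/1.1 200 OK\r\n\r\n<account><usrid>constructed-user</usrid></account>"
NOT_FOUND = "HTTP/1.1 404 Not Found\r\n\r\n<usrid>x</usrid><password>y</password>"

if __name__ == "__main__":
    for name, raw in (("leaky", LEAKY), ("one_word", ONE_WORD), ("404", NOT_FOUND)):
        hit = matches(raw)
        print(name, "MATCH" if hit else "no match")
        if hit:
            print("  evidence:", redact(parse_response(raw)[1]))
```
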

Reference:

- https://xz.aliyun.com/t/2941

Metadata:

max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
POST /hedwig.cgi
Headers

Cookie: uid=R8tBjwtFc8

Content-Type: text/xml

Matching conditions
status: 200 and
word: </usrid>, </password>
Passive global matcher
No matching conditions.
On match action
Report vulnerability