Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "ESPHome Login Panel - Detect" module is designed to detect the presence of the ESPHome login panel. ESPHome is an open-source framework for building custom firmware for ESP8266/ESP32 devices. This module specifically targets the login panel of ESPHome installations.
The severity of this module is classified as informative, meaning it provides information about the presence of the login panel but does not indicate any specific vulnerability or misconfiguration.
This module was authored by fabaff.
The impact of detecting the ESPHome login panel is primarily informational. It indicates that the login panel is accessible and can be used to authenticate and manage ESPHome devices.
The "ESPHome Login Panel - Detect" module works by sending an HTTP GET request to the "/login" path of the target ESPHome installation. It then applies two matching conditions to determine if the login panel is present:
If both matching conditions are met, the module reports the detection of the ESPHome login panel.
Example HTTP request:
GET /login
Matching conditions:
- The response body must contain the HTML class "esphome-header". - The HTTP response status must be 200.