Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Fastvue Dashboard Panel - Unauthenticated Detect

By kannthu

Vidoc logoVidoc Module

What is the "Fastvue Dashboard Panel - Unauthenticated Detect?"

The "Fastvue Dashboard Panel - Unauthenticated Detect" module is designed to detect the presence of the Fastvue Dashboard panel without authentication. Fastvue Dashboard is a software used for reporting and monitoring network activity, specifically for Sophos Reporter and SonicWall. This module focuses on identifying instances where the dashboard panel is accessible without the need for proper authentication.

This module has a medium severity level, indicating that it poses a moderate risk if left unaddressed. It is important to ensure that proper authentication measures are in place to protect sensitive information.

Author: DhiyaneshDK


If the Fastvue Dashboard panel is accessible without authentication, it can potentially expose sensitive network activity and data to unauthorized individuals. This can lead to unauthorized access, data breaches, and compromise of network security.

How does the module work?

The module works by sending an HTTP GET request to the "/dashboard.aspx" path. It then applies a series of matching conditions to determine if the Fastvue Dashboard panel is accessible without authentication.

Matching conditions:

- The response must contain either the "<title>Fastvue Sophos Reporter</title>" or "<title>Fastvue Reporter for SonicWall</title>" keywords in the HTML title. - The response body must contain the keyword "Dashboard". - The response status code must be 200 (OK).

If all of these conditions are met, the module will flag the Fastvue Dashboard panel as being accessible without authentication.

Example HTTP request:

GET /dashboard.aspx

Note: The above example is a simplified representation of the HTTP request. Actual requests may contain additional headers or parameters.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: <title>Fastvue Sophos Reporter</title>, ...and
word: Dashboardand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability