Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "FortiADC Login Panel - Detect" module is designed to detect the presence of the FortiADC login panel. FortiADC is an application delivery controller developed by Fortinet. This module focuses on identifying the login panel and does not perform any further actions. The severity of this module is classified as informative.
Author: DhiyaneshDk
This module does not have any direct impact as it only detects the presence of the FortiADC login panel. However, the presence of the login panel may indicate potential security risks if misconfigured or vulnerable.
The module works by sending an HTTP GET request to the "/ui/#navigate/Login" path. It then applies several matching conditions to determine if the response indicates the presence of the FortiADC login panel:
- The response body must contain the HTML title tag "<title>FortiADC</title>
".
- The response header must include the content type "text/html".
- The response status code must be 200 (OK).
If all of these conditions are met, the module reports that the FortiADC login panel has been detected.
Classification
CWE-ID: CWE-200
CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Reference
- https://www.fortinet.com/products/application-delivery-controller/fortiadc
Metadata
max-request: 1
verified: true
shoda