ICT Protege WX Login Panel - Detect

By kannthu

Informative
Vidoc Module
#panel #ictprotege
Description

What is the "ICT Protege WX Login Panel - Detect"?

The "ICT Protege WX Login Panel - Detect" module is designed to detect misconfigurations in the login panel of the ICT Protege WX software. ICT Protege WX is a security management platform used for access control and building automation. This module focuses on identifying potential vulnerabilities in the login panel, which could lead to unauthorized access or other security issues.

This module has an informative severity level, meaning a match provides valuable information about potential vulnerabilities but does not by itself represent an immediate threat.

This module was authored by ritikchaddha.

Impact

If misconfigurations or vulnerabilities are detected in the ICT Protege WX login panel, it could potentially allow unauthorized individuals to gain access to the system. This could lead to unauthorized control over access control systems, compromising the security of the protected premises or sensitive areas.

How does the module work?

The "ICT Protege WX Login Panel - Detect" module works by sending an HTTP GET request to the "/login.htm" path of the target system. It then applies matching conditions to determine if the login panel is properly configured and secure.

The matching conditions for this module include:

- Checking if the response body contains the HTML title tag "<title>ICT Protege WX®</title>", indicating that the login panel belongs to the ICT Protege WX software.
- Verifying that the HTTP response status code is 200, indicating a successful request.

If both matching conditions are met, the module will report a potential misconfiguration or vulnerability in the ICT Protege WX login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /login.htm
Matching conditions
word: <title>ICT Protege WX&reg;</title>
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability
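
The two matching conditions above, evaluated offline against stored responses from your own asset inventory, as an added example that is not Vidoc's or the module author's code. The function names and the sample responses are assumptions constructed for illustration. It goes one step beyond the preview by also comparing the decoded title text, because a literal word matcher written with `&reg;` does not match a body that carries the ® character itself.

```python
import html
import re

# Values taken from the module preview on this page.
PATH = "/login.htm"
TITLE_WORD = "<title>ICT Protege WX&reg;</title>"
EXPECTED_STATUS = 200

_TITLE_RE = re.compile(r"<title[^>]*>(.*?)</title>", re.IGNORECASE | re.DOTALL)


def raw_match(status: int, body: str) -> bool:
    """Matchers as previewed: literal word in body AND status 200."""
    return status == EXPECTED_STATUS and TITLE_WORD in body


def normalized_match(status: int, body: str) -> bool:
    """Same AND logic, but compares the decoded <title> text, so the
    entity form (&reg;) and the literal character are treated alike."""
    if status != EXPECTED_STATUS:
        return False
    found = _TITLE_RE.search(body)
    if not found:
        return False
    wanted = html.unescape(_TITLE_RE.search(TITLE_WORD).group(1))
    return html.unescape(found.group(1)).strip() == wanted


# Constructed sample responses (status, body); not captured from a real device.
SAMPLES = {
    "entity_title": (200, "<html><head><title>ICT Protege WX&reg;</title></head></html>"),
    "literal_title": (200, "<html><head><title>ICT Protege WX\u00ae</title></head></html>"),
    "redirected": (302, "<html><head><title>ICT Protege WX&reg;</title></head></html>"),
    "other_panel": (200, "<html><head><title>Login</title></head></html>"),
}


def classify(samples=SAMPLES):
    """Return {name: (raw_result, normalized_result)} for each stored response."""
    return {name: (raw_match(s, b), normalized_match(s, b))
            for name, (s, b) in samples.items()}


if __name__ == "__main__":
    for name, result in classify().items():
        print(f"{PATH} {name}: raw={result[0]} normalized={result[1]}")
```
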