IoT vDME Simulator Panel - Detect

What is the "IoT vDME Simulator Panel - Detect" module?

The "IoT vDME Simulator Panel - Detect" module is designed to detect misconfigurations in the IoT vDME Simulator panel. It targets the IoT vDME Simulator software and has a medium severity level. The module was authored by tess.

Impact

If a misconfiguration is detected in the IoT vDME Simulator panel, it can potentially expose the panel to anonymous access, allowing unauthorized users to create new items.

How does the module work?

The module works by sending an HTTP GET request to the specified path, which is port 9998. It then applies several matching conditions to determine if the misconfiguration is present:

- The body of the response must contain the following words: "<title>IoT vDME Simulator</title>", "Configuration Repository", and "Current configuration". - The response header must contain the word "text/html". - The HTTP status code must be 200.

If all of these conditions are met, the module will report the vulnerability.