Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Karel IP Phone IP1211 Web Management Panel - Local File Inclusion" module is designed to detect a vulnerability in the Karel IP Phone IP1211 Web Management Panel. This module specifically targets the Karel IP Phone IP1211 Web Management Panel and checks for a local file inclusion vulnerability. The severity of this vulnerability is classified as high.
A successful exploitation of the local file inclusion vulnerability in the Karel IP Phone IP1211 Web Management Panel could allow an attacker to access sensitive files on the system. This could potentially lead to unauthorized access, disclosure of sensitive information, or even remote code execution.
The module sends an HTTP GET request to the target URL with a specific path parameter that attempts to access the system's password file. The request is made with basic authorization credentials. The module then uses matching conditions to check if the response contains the string "root:[x*]:0:0" and if the response status code is 200. If both conditions are met, the module reports a vulnerability.
Example HTTP request:
GET /cgi-bin/cgiServer.exx?page=../../../../../../../../../../../etc/passwd HTTP/1.1
Host: [target_host]
Authorization: Basic [base64_encoded_credentials]
The matching conditions for this module are:
- The response body must contain the string "root:[x*]:0:0" - The response status code must be 200When these conditions are met, the module identifies the presence of the local file inclusion vulnerability in the Karel IP Phone IP1211 Web Management Panel.
Authorization: Basic YWRtaW46YWRtaW...