Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Lvmeng - UTS Disclosure" module is designed to detect vulnerabilities in the Lvmeng UTS software. It focuses on identifying misconfigurations that could potentially lead to security breaches. This module has a high severity level, indicating the importance of addressing any vulnerabilities found. The module was created by an undisclosed author.
If a vulnerability is detected by the "Lvmeng - UTS Disclosure" module, it could potentially expose sensitive information or allow unauthorized access to the Lvmeng UTS software. This could lead to data breaches, unauthorized modifications, or other security incidents.
The "Lvmeng - UTS Disclosure" module works by sending an HTTP GET request to the "/webapi/v1/system/accountmanage/account" endpoint of the target system. The request includes the "Content-Type" header set to "application/json". The module then applies a series of matching conditions to determine if the response indicates a vulnerability.
The matching conditions include:
- The response status code must be 200. - The response header must contain the word "application/json". - The response body must contain the words "password", "nsfocus_uts", and "MANAGER_IP".If all of these conditions are met, the module will report a vulnerability.
Content-Type: application/json