MetInfo <=6.1.0 - Local File Inclusion

MetInfo <=6.1.0 - Local File Inclusion

The "MetInfo <=6.1.0 - Local File Inclusion" module is designed to detect a vulnerability in the MetInfo software version 6.1.0 and below. This vulnerability is categorized as a Local File Inclusion (LFI) issue and has a severity level of high, making it a critical concern for the security of systems using MetInfo.

Impact

A successful exploitation of this vulnerability can allow an attacker to include arbitrary files from the server, potentially leading to unauthorized access, data leakage, or remote code execution. It poses a significant risk to the confidentiality, integrity, and availability of the affected system.

How the module works?

The module sends HTTP requests to the target server, specifically targeting the "/include/thumb.php" endpoint. It attempts to include the "config/config_db.php" file using different path variations, such as "http/.....///.....///config/config_db.php" or ".....///http/.....///config/config_db.php".

The module then applies matching conditions to determine if the vulnerability is present. It checks the response body for the presence of specific keywords like "con_db_pass" and "con_db_name". Additionally, it verifies that the response status code is 200.

If both matching conditions are met, the module reports the vulnerability, indicating that the target system is susceptible to the MetInfo <=6.1.0 Local File Inclusion vulnerability.