Netis Router Login Panel - Detect

What is the "Netis Router Login Panel - Detect?"

The "Netis Router Login Panel - Detect" module is designed to detect the presence of the Netis router login panel. It targets Netis routers and helps identify potential misconfigurations or vulnerabilities. The severity of this module is informative, meaning it provides valuable information without posing an immediate threat. The original author of this module is gy741.

Impact

This module does not directly impact the system or network being scanned. Instead, it provides information about the presence of the Netis router login panel, which can be used to assess the security posture of the target system.

How does the module work?

The "Netis Router Login Panel - Detect" module works by sending an HTTP GET request to the "/login.htm" path of the target system. It then applies several matching conditions to determine if the Netis router login panel is present:

- The module checks if the response body contains the HTML title tag "<title>AP setup</title>". - It verifies if the response header includes the server information "Server: netis". - Lastly, it confirms that the HTTP response status code is 200 (OK).

If all of these conditions are met, the module reports the detection of the Netis router login panel.

For more information, you can refer to the following resources:

- https://www.tacnetsol.com/blog/cve-2019-8985-rce

Metadata: max-request: 1