
Odoo - Panel Detect

By kannthu

Informative
Vidoc Module
#login #panel #odoo
Description

What is Odoo - Panel Detect?

Odoo - Panel Detect is a module designed to detect misconfigurations or vulnerabilities in the Odoo login panel. Odoo is a powerful open-source business management software that offers a range of applications for various business needs. This module focuses on identifying potential security issues in the login panel of Odoo.

With a severity level of "informative," this module provides valuable insights into the security posture of the Odoo login panel.

Impact

The Odoo - Panel Detect module helps identify potential misconfigurations or vulnerabilities in the Odoo login panel. By detecting these issues, it enables administrators to take appropriate actions to secure their Odoo installation and protect sensitive data.

How does the module work?

The Odoo - Panel Detect module utilizes HTTP request templates and matching conditions to perform its scanning. It sends a GET request to the "/web/login" path of the Odoo application and applies several matchers to determine if the login panel is configured correctly.

The matching conditions include:

- Checking the presence of specific words, such as "<title>Odoo</title>" and "Log in," in the response body
- Verifying that the response header contains the word "text/html"
- Ensuring that the response status code is 200

If all the matching conditions are met, the module reports a potential vulnerability or misconfiguration in the Odoo login panel.

By leveraging the Odoo - Panel Detect module, administrators can proactively identify and address security weaknesses in their Odoo login panel, enhancing the overall security of their Odoo installation.
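
The matching conditions described above, written out as an added Python example (not Vidoc's own code) that evaluates them against constructed sample responses instead of a live host. The `Response` class, the function names and the assumption that both body words must be present are assumptions of this example.

```python
from dataclasses import dataclass, field

# Matcher values copied from the module preview on this page.
BODY_WORDS = ("<title>Odoo</title>", "Log in")
HEADER_WORD = "text/html"
EXPECTED_STATUS = 200

@dataclass
class Response:
    """Hypothetical stand-in for the response to GET /web/login."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""

def evaluate(resp: Response) -> dict:
    """Evaluate each matcher separately, then AND them as the preview does."""
    header_text = "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    results = {
        # Assumption: all listed body words must be present.
        "body_words": all(word in resp.body for word in BODY_WORDS),
        "header_word": HEADER_WORD in header_text,
        "status": resp.status == EXPECTED_STATUS,
    }
    results["match"] = all(results.values())
    return results

HTML = {"Content-Type": "text/html; charset=utf-8"}
# Constructed sample responses, not captured from any real host.
SAMPLES = {
    "default_panel": Response(200, HTML,
        "<html><head><title>Odoo</title></head><body><button>Log in</button></body></html>"),
    "rebranded_title": Response(200, HTML,
        "<html><head><title>Acme ERP</title></head><body><button>Log in</button></body></html>"),
    "sso_redirect": Response(303, HTML, ""),
    "json_error": Response(200, {"Content-Type": "application/json"}, '{"error": "not found"}'),
}

def matched(samples: dict) -> list:
    """Names of the samples on which every matcher fired."""
    return [name for name, resp in samples.items() if evaluate(resp)["match"]]

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(name, evaluate(resp))
```

The `rebranded_title` sample shows the limit of a literal title match: a login page whose title has been customised passes the header and status checks but is not reported, so a clean result does not by itself mean no panel is exposed.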

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /web/login
Matching conditions
word: <title>Odoo</title>, Log in
and
word: text/html
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability