Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Ruijie Phpinfo" module is a test case designed to detect misconfigurations in the Ruijie network device. It specifically targets the "phpinfo.view.php" file and checks for the presence of certain PHP version and extension information. The severity of this module is classified as low.
This module was authored by pikpikcu.
If the "Ruijie Phpinfo" module detects a misconfiguration, it indicates that the "phpinfo.view.php" file is accessible and may expose sensitive information about the PHP environment. This could potentially aid attackers in identifying vulnerabilities or weaknesses in the system.
The "Ruijie Phpinfo" module sends a GET request to the "/tool/view/phpinfo.view.php" path on the target Ruijie network device. It then applies two matching conditions:
If both matching conditions are met, the module reports a vulnerability.
Example HTTP request:
GET /tool/view/phpinfo.view.php
The module expects the response to contain the words "PHP Version" and "PHP Extension" and have a status code of 200.
For more information, you can refer to the reference on GitHub.