Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Tekon - Unauthenticated Log Leak

By kannthu

Vidoc logoVidoc Module

What is the "Tekon - Unauthenticated Log Leak?" module?

The "Tekon - Unauthenticated Log Leak" module is designed to detect a vulnerability in the Tekon software that allows remote unauthenticated users to disclose the log of the remote device. This module focuses on identifying misconfigurations or vulnerabilities in the Tekon software.

The severity of this vulnerability is classified as low.

This module was authored by gy741.


If exploited, this vulnerability could allow unauthorized individuals to access and view the log files of the remote device. This could potentially expose sensitive information and provide insights into the system's activities, which may aid in further attacks or unauthorized access.

How does the module work?

The module sends an HTTP GET request to the "/cgi-bin/log.cgi" path of the target system. It then applies several matching conditions to determine if the vulnerability is present:

- The response body must contain the phrases "-- Logs begin at" and "end at". - The response header must include the content type "text/plain". - The HTTP status code must be 200.

If all of these conditions are met, the module identifies the presence of the vulnerability.

It's important to note that this module does not perform any actions beyond detecting the vulnerability. It is part of a larger scanning process that utilizes multiple modules to assess the security of the target system.

For more information, refer to the reference.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: -- Logs begin at, end atand
word: text/plainand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability