Tekon - Unauthenticated Log Leak

By kannthu

Low
Vidoc Module
#tekon #exposure #unauth
Description

What is the "Tekon - Unauthenticated Log Leak" module?

The "Tekon - Unauthenticated Log Leak" module is designed to detect a vulnerability in the Tekon software that allows remote unauthenticated users to disclose the log of the remote device. This module focuses on identifying misconfigurations or vulnerabilities in the Tekon software.

The severity of this vulnerability is classified as low.

This module was authored by gy741.

Impact

If exploited, this vulnerability could allow unauthorized individuals to access and view the log files of the remote device. This could potentially expose sensitive information and provide insights into the system's activities, which may aid in further attacks or unauthorized access.

How does the module work?

The module sends an HTTP GET request to the "/cgi-bin/log.cgi" path of the target system. It then applies several matching conditions to determine if the vulnerability is present:

- The response body must contain the phrases "-- Logs begin at" and "end at".
- The response header must include the content type "text/plain".
- The HTTP status code must be 200.

If all of these conditions are met, the module identifies the presence of the vulnerability.

It's important to note that this module does not perform any actions beyond detecting the vulnerability. It is part of a larger scanning process that utilizes multiple modules to assess the security of the target system.
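The three matching conditions above can be evaluated offline against a saved response. The following Python sketch is an added example, not the module's own code: the function names, the `Verdict` type and the sample responses are assumptions made for illustration, and the case-insensitive content-type comparison is a choice of this example.

```python
from typing import NamedTuple

BODY_WORDS = ("-- Logs begin at", "end at")  # both phrases must appear in the body
CONTENT_TYPE_WORD = "text/plain"
EXPECTED_STATUS = 200


class Verdict(NamedTuple):
    vulnerable: bool
    failed: list  # names of the conditions that did not match


def parse_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return status, headers, body.decode("utf-8", errors="replace")


def check_log_leak(raw: bytes) -> Verdict:
    """Apply the body, header and status conditions; all three must hold."""
    status, headers, body = parse_response(raw)
    failed = []
    if not all(word in body for word in BODY_WORDS):
        failed.append("body-words")
    if CONTENT_TYPE_WORD not in headers.get("content-type", "").lower():
        failed.append("content-type")
    if status != EXPECTED_STATUS:
        failed.append("status")
    return Verdict(not failed, failed)


# Constructed sample responses (not captured from a real device).
LEAK = (b"HTTP/1.1 200 OK\r\nContent-Type: text/plain; charset=utf-8\r\n\r\n"
        b"-- Logs begin at Mon 2021-01-04 09:00:01 UTC, end at Mon 2021-01-04 10:15:42 UTC. --\n"
        b"Jan 04 09:00:01 device systemd[1]: Started Session 1.\n")
LOGIN = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
         b"<html><body>Please log in</body></html>")
DENIED = b"HTTP/1.1 401 Unauthorized\r\nContent-Type: text/plain\r\n\r\nAuthentication required\n"

if __name__ == "__main__":
    for name, raw in (("leak", LEAK), ("login", LOGIN), ("denied", DENIED)):
        print(name, check_log_leak(raw))
```

Requiring all three conditions keeps a login page served with status 200, or a plain-text 401 error, from being reported as a leak.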

For more information, refer to the reference.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /cgi-bin/log.cgi
Matching conditions
word: -- Logs begin at, end at
and
word: text/plain
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability