Xerox DC260 EFI Fiery Controller Webtools 2.0 - Local File Inclusion

What is the "Xerox DC260 EFI Fiery Controller Webtools 2.0 - Local File Inclusion?"

The "Xerox DC260 EFI Fiery Controller Webtools 2.0 - Local File Inclusion" module is designed to detect a vulnerability in the Xerox DC260 EFI Fiery Controller Webtools 2.0 software. This vulnerability is classified as CWE-22 and has a severity level of high. The module was authored by gy741.

Impact

A local file inclusion vulnerability allows an attacker to include arbitrary files from the target system. In the case of the Xerox DC260 EFI Fiery Controller Webtools 2.0, this vulnerability can be exploited to read sensitive files, such as the "/etc/passwd" file, which contains user account information.

How the module works?

The module sends an HTTP GET request to the "/wt3/forceSave.php" script with the "file" parameter set to "/etc/passwd". It then applies two matching conditions to determine if the vulnerability is present:

- The response body is checked using a regular expression to ensure that the "root" user entry is present in the "/etc/passwd" file. - The response status code is checked to ensure it is 200, indicating a successful request.

If both conditions are met, the module reports the vulnerability.