ZyXel Router Login Panel - Detect

What is the "ZyXel Router Login Panel - Detect" module?

The "ZyXel Router Login Panel - Detect" module is designed to detect the presence of the ZyXel Router login panel. ZyXel Router is a specific brand of router commonly used in IoT (Internet of Things) devices. This module focuses on detecting misconfigurations or vulnerabilities in the ZyXel Router login panel.

This module has an informative severity level, which means it provides valuable information without indicating a critical security issue.

Impact

The impact of this module depends on the specific misconfiguration or vulnerability detected in the ZyXel Router login panel. It could potentially expose sensitive information or allow unauthorized access to the router's settings.

How the module works?

The "ZyXel Router Login Panel - Detect" module works by sending an HTTP GET request to the "/login" path of the target ZyXel Router. It then applies matching conditions to determine if the login panel is present and functioning correctly.

The matching conditions for this module are:

- The response body must contain the words "Welcome to the Web-Based Configurator" and "zyxel". - The response status code must be 200.

If both matching conditions are met, the module considers the ZyXel Router login panel to be detected.

Example HTTP request:

GET /login

Note: The actual HTTP request may include additional headers or parameters, but those are not specified in the module definition.