漏洞描述
Unauthorized access to the AMR Printer Management dashboard was possible, potentially exposing sensitive printer configuration and management interfaces without proper authentication.
amr-printer-management-unauth: AMR Printer Management Dashboard - Exposure
PoC代码[已公开]
id: amr-printer-management-unauth
info:
name: AMR Printer Management Dashboard - Exposure
author: ritikchaddha
severity: medium
description: |
Unauthorized access to the AMR Printer Management dashboard was possible, potentially exposing sensitive printer configuration and management interfaces without proper authentication.
metadata:
max-request: 1
verified: true
shodan-query: title:"AMR Printer Management"
fofa-query: title="AMR Printer Management"
tags: network,iot,printer,misconfig,unauth,vuln
http:
- method: GET
path:
- "{{BaseURL}}"
- "{{BaseURL}}/amr"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "AMR Printer Management"
- "<span>Basic Setup"
- "<span>Log"
condition: and
- type: status
status:
- 200
# digest: 490a0046304402203732ac7385ffdb3c702cc8de2e005fa8fd54e45fabb2cea61515f520de3d3e10022035e363f3029e5ac17854611d398913463aee18e4c72b6435a95aef3502d679c8:922c64590222798bb761d5b6d8e72950