漏洞描述
AVideo installer panel was detected.
shodan: http.title:"AVideo"
fofa: "AVideo"
avideo-install: AVideo Installer - Detect
PoC代码[已公开]
id: avideo-install
info:
name: AVideo Installer - Detect
author: ritikchaddha
severity: high
description: AVideo installer panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
cvss-score: 8.2
cwe-id: CWE-459
cpe: cpe:2.3:a:wwbn:avideo:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
shodan-query: http.title:"AVideo"
fofa-query: "AVideo"
product: avideo
vendor: wwbn
tags: panel,install,avideo,misconfig,vuln
http:
- method: GET
path:
- "{{BaseURL}}/install/index.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>Install AVideo</title>'
- type: word
part: body
negative: true
words:
- 'Your system is installed, remove the'
- type: status
status:
- 200
# digest: 490a004630440220389ef5da58dc98feddc942acb18c9e21343e8e03d8ee752e5b0adbf4e3bf44f2022048b03b2b51d3dc7beeec55041edf56716b01eda60a941f73f7898f92409ce1f8:922c64590222798bb761d5b6d8e72950