exposed-hg: HG Configuration - Detect

漏洞描述

PoC代码[已公开]

id: exposed-hg

info:
  name: HG Configuration - Detect
  author: daffainfo
  severity: medium
  description: HG configuration was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    max-request: 1
  tags: config,exposure,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/.hg/hgrc"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "[paths]"
          - "default"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402203af5c85e57e0f6027f6529d057e797f135575f419483d0ccfd66fedaaecd58d4022049dcbefe05033a798e2de9f508de5f0684221c7dddf74b7f3b42f9bfdc91e8b7:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• (CVE-2025-9242) WatchGuard Fireware OS 未授权远程代码执行漏洞
• POC CVE-2022-34045: WAVLINK WN530HG4 - Improper Access Control
• POC CVE-2022-34047: WAVLINK WN530HG4 - Improper Access Control
• POC CVE-2022-34049: WAVLINK WN530HG4 - Improper Access Control
• POC CVE-2022-48166: Wavlink WL-WN530HG4 M30HG4.V5030.201217 - Information Disclosure
• POC CVE-2017-17215: 华为HG532e远程命令执行漏洞
• POC huawei-hg532e-default-login: Huawei HG532e Default Credential
• POC huawei-home-gateway-hg659-fileread: Huawei Home Gateway Hg659 Fileread
• POC watchguard-credentials-disclosure: WatchGuard Fireware AD Helper Component - Credentials Disclosure
• POC huawei-HG532e-default-login: Huawei HG532e Default Credential
• POC huawei-hg255s-lfi: Huawei HG255s - Local File Inclusion
• POC huawei-hg659-lfi: HUAWEI HG659 - Local File Inclusion
• POC watchguard-credentials-disclosure: WatchGuard Fireware AD Helper Component - Credentials Disclosure