honeywell-scada-config: Honeywell Scada Configuration File - Detect

日期: 2025-08-01 | 影响软件: Honeywell Scada | POC: 已公开

漏洞描述

Honeywell Scada configuration file was detected. The downloaded file opens with the file name and contains critical information about the destination address.

PoC代码[已公开]

id: honeywell-scada-config

info:
  name: Honeywell Scada Configuration File - Detect
  author: alperenkesk
  severity: low
  description: Honeywell Scada configuration file was detected. The downloaded file opens with the file name and contains critical information about the destination address.
  reference:
    - https://www.exploit-db.com/exploits/44734
  metadata:
    max-request: 1
  tags: scada,config,exposure,edb,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/web_caps/webCapsConfig"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "DeviceSubClass"
          - "IPAddress"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502210083088bb4485ad518203212f5a503a17db4787ed1fdaac26ea26b2a92615adfb502203d897eef87c6452148040e60b47f90cc1a27356ab175ff63ee0ba142866ca387:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/exposures/configs/honeywell-scada-config.yaml