klr300n-install: KLR 300N Router - Exposed Installation

日期: 2025-08-01 | 影响软件: klr300n-install | POC: 已公开

漏洞描述

Home router wireless KLR 300N setup page were Detected.

PoC代码[已公开]

id: klr300n-install

info:
  name: KLR 300N Router - Exposed Installation
  author: andreluna
  severity: high
  description: |
    Home router wireless KLR 300N setup page were Detected.
  reference:
    - http://www.keo.com.br/produtos/roteador-klr-300n
    - http://www.keo.com.br/wp-content/uploads/2017/09/Manual_KLR_300N_03-17_site.pdf
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"def_wirelesspassword"
  tags: keo,klr300n,misconfig,exposure,iot,install,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    host-redirects: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>Roteador Wireless KLR 300N</title>"
          - "def_wirelesspassword"
          - "Installation assitance"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a004730450220466dd0ce7d593fec96c83e1c8f4d24c09090bffae59ded3d9a342da65c11eb6b022100891da172fde651e5046554be111b41a172272f3d60a9938ea504caca55a4ad67:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/installer/klr300n-installer.yaml