unauth-esphome: ESPHome Web Server access - Unauthenticated Access

漏洞描述

ESPHome is a powerful smart home devices with simple YAML configuration.

PoC代码[已公开]

id: unauth-esphome

info:
  name: ESPHome Web Server access - Unauthenticated Access
  author: pussycat0x
  severity: high
  description: |
    ESPHome is a powerful smart home devices with simple YAML configuration.
  reference:
    - https://esphome.io/components/web_server/
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.title:"ESPHome"
  tags: esphome,iot,unauth,misconfig,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(body, "<title>Dashboard - ESPHome")'
        condition: and
# digest: 490a0046304402200a28977cb53da03157e862c2a093823bfb9d06670f81861df217401fd0265a3802201b2fc4ccd42052bccbd78948471be6723af22640390b7ff68a38c6a17347daa4:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/unauth-esphome.yaml