Merge pull request #10387 from NoelV11/main

Added Template to detect Exposed Instances of RLOS Cabinet Management…
projectdiscovery · Jul 30, 2024 · 75886b8 · 75886b8
2 parents fbc0fa8 + 8cf57b8
commit 75886b8
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/http/misconfiguration/manage-cabinet-register.yaml b/http/misconfiguration/manage-cabinet-register.yaml
@@ -0,0 +1,31 @@
+id: manage-cabinet-register
+
+info:
+  name: Manage Cabinet Register - Exposed
+  author: noel
+  severity: low
+  description: |
+   The path to the Cabinet Storage is omniapp/pages/cabinet/managecabinet.jsf?Action=1. If exposed, it gives an attacker insight into information such as Storage Volume Name, Cabinet Name, it's alias, Deployed AppServer IP Address and Port
+  reference:
+    - https://www.edms-consultants.com/newgen-rlos/
+  metadata:
+    verified: true
+    shodan-query: html:"omniapp"
+    max-request: 1
+  tags: misconfig,cabinet,exposure
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/omniapp/pages/cabinet/managecabinet.jsf?Action=1'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Manage Cabinet [Register Cabinet]'
+
+      - type: status
+        status:
+          - 200