Closed ghost closed 6 years ago
Hi,
Thx for the info. I can create a routersploit exploit for your vulnerability but I need something more to avoid false positive : can you give me an example of a file retrieved via this vulnerability (with all confidential data anonymized ofc) ? So I will be able to pick a unique pattern in the file and use it to avoid false positive :)
Thx
My scripts are bad :P , I'm a newbie .
The Correct response - correct_response.txt
Error file: error_response.txt
Can you provide some more information about this vulnerability? Was it disclosed to vendor? Was CVE assigned etc?
Credentials leak: It leaks a file 'get_params.cgi' which contains all the credentials stored/configured on the device.
https://github.com/somu1795/netwave_ip_camera_vulnerability