Skip to content
Nuclei Templates

ipTIME A2004 - Unauthorized Access

ID: CVE-2024-54764

Severity: medium

Author: ritikchaddha

Tags: cve,cve2024,iptime,router,unauth,exposure

Description

Section titled “Description”

An access control issue exists in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 that allows attackers to obtain sensitive information without authentication. The vulnerability allows unauthenticated access to device settings and configuration information.

YAML Source

Section titled “YAML Source”
id: CVE-2024-54764


info:
  name: ipTIME A2004 - Unauthorized Access
  author: ritikchaddha
  severity: medium
  description: |
    An access control issue exists in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 that allows attackers to obtain sensitive information without authentication. The vulnerability allows unauthenticated access to device settings and configuration information.
  reference:
    - https://github.com/Shuanunio/CVE_Requests/blob/main/ipTIME/A2004/ipTIME_A2004_unauthorized_access_vulnerability_second.md
    - https://nvd.nist.gov/vuln/detail/CVE-2024-54764
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
    cvss-score: 6.5
    cve-id: CVE-2024-54764
    cwe-id: CWE-284
  metadata:
    verified: true
    max-request: 1
    vendor: ipTIME
    product: A2004
    shodan-query: http.title:"ipTIME"
    fofa-query: title="ipTIME"
  tags: cve,cve2024,iptime,router,unauth,exposure


http:
  - method: GET
    path:
      - "{{BaseURL}}/login/hostinfo2.cgi"


    matchers-condition: and
    matchers:
      - type: word
        part: response
        words:
          - "product_name="
          - "system_type="
        condition: and


      - type: word
        part: content_type
        words:
          - "text/plain"


      - type: status
        status:
          - 200
# digest: 490a004630440220693471ec264407c43f5187bc32fa29ff039fb133cac30546a642f8a70819b59b022077bdbb138aa46c1c4b946fdfa252ac306aff56e8e1c6123ed01859f0edc7b374:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-54764.yaml"

View on Github