SolarWinds ARM (Access Rights Manager) - Detect
ID: solarwinds-arm-panel
Severity: info
Author: bhutch
Tags: panel,solarwinds
Description
Section titled “Description”SolarWinds ARM login panel was detected.
YAML Source
Section titled “YAML Source”id: solarwinds-arm-panel
info: name: SolarWinds ARM (Access Rights Manager) - Detect author: bhutch severity: info description: | SolarWinds ARM login panel was detected. reference: - https://www.solarwinds.com/access-rights-manager classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 cpe: cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: solarwinds product: access_rights_manager shodan-query: http.favicon.hash:-1416464161 censys-query: - services.http.response.html_title="Solarwinds Access Rights Manager" - services.http.response.html_title="solarwinds access rights manager" fofa-query: icon_hash=-1416464161 tags: panel,solarwinds
http: - method: GET path: - "{{BaseURL}}"
host-redirects: true max-redirects: 2
matchers-condition: and matchers: - type: word part: body words: - "<title>Solarwinds Access Rights Manager</title>"
- type: status status: - 200# digest: 4a0a00473045022100c6f7796562e39d0f472a6298346902d790f24b4cfa4f83a4a3a01fcbca9b556b02206f0abb87555ab3ef5c0605e8937ff7b0202fda1c1c9df46d04f84bfc4dca6e86:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/exposed-panels/solarwinds-arm-panel.yaml"