ZOHO ManageEngine Analytics Plus Panel - Detect

ID: manageengine-analytics

Severity: info

Author: dhiyaneshDK

Tags: panel,zoho,manageengine,zohocorp

Description

ZOHO ManageEngine analytics plus panel was detected.

YAML Source

id: manageengine-analytics

info:
  name: ZOHO ManageEngine Analytics Plus Panel - Detect
  author: dhiyaneshDK
  severity: info
  description: ZOHO ManageEngine analytics plus panel was detected.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-200
    cpe: cpe:2.3:a:zohocorp:manageengine_analytics_plus:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zohocorp
    product: manageengine_analytics_plus
    fofa-query:
      - app="ZOHO-流量管理"
      - app="zoho-流量管理"
      - title="apex it help desk"
    shodan-query: http.title:"apex it help desk"
    google-query: intitle:"apex it help desk"
  tags: panel,zoho,manageengine,zohocorp

http:
  - method: GET
    path:
      - '{{BaseURL}}/iam/login'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<title>ManageEngine Analytics Plus</title>'

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100e1aa4a4be8c3ea74862535b83554821eb21ef405784f23e78a3ab4e9b5a43a50022100e9552020ee0b34c0bf8b39a2b78621a946667cfd431d73d0e088265a4d6ae272:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/exposed-panels/zoho/manageengine-analytics.yaml"

View on Github