Anteon Dashboard - Unauthenticated
ID: anteon-dashboard-unauth
Severity: medium
Author: DhiyaneshDk
Tags: anteon,misconfig,dashboard,unauth
Description
Section titled “Description”The Anteon Dashboard was found to be accessible via the /dashboard endpoint without authentication.This exposure may allow unauthorized users to gain insights into internal services, configurations, or sensitive operational data depending on the permissions and features enabled on the dashboard.
YAML Source
Section titled “YAML Source”id: anteon-dashboard-unauth
info: name: Anteon Dashboard - Unauthenticated author: DhiyaneshDk severity: medium description: | The Anteon Dashboard was found to be accessible via the /dashboard endpoint without authentication.This exposure may allow unauthorized users to gain insights into internal services, configurations, or sensitive operational data depending on the permissions and features enabled on the dashboard. impact: | Unauthorized access to the dashboard can lead to information disclosure, configuration leaks, or even administrative control depending on the level of access the endpoint provides. metadata: verified: true max-request: 1 fofa-query: title="Anteon:" tags: anteon,misconfig,dashboard,unauth
http: - method: GET path: - "{{BaseURL}}/dashboard"
matchers: - type: dsl dsl: - "contains_all(body, 'Anteon','Monitoring Solution')" - "status_code == 200" condition: and# digest: 4a0a00473045022005324c90ec7faa4871a3e509caf664e9a50141c7fc23cb172f9452183088856d022100fc7c5b13817d68fa8b4cf1889e20d0be84bfd407c0a13bf4b563fc89b53a8b16:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/misconfiguration/anteon-dashboard-unauth.yaml"