mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
22 lines
1.0 KiB
YAML
22 lines
1.0 KiB
YAML
id: untrusted-root-certificate
|
|
|
|
info:
|
|
name: Untrusted Root Certificate - Detect
|
|
author: pussycat0x
|
|
severity: low
|
|
description: |
|
|
A root certificate is a digital certificate issued by a trusted certificate authority that acts as a basis for other digital certificates. An untrusted root certificate is a certificate that is issued by an authority that is not trusted by the computer, and therefore cannot be used to authenticate websites or other digital certificates.
|
|
reference:
|
|
- https://www.sslmarket.com/ssl/trusted-and-untrusted-certificate
|
|
- https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/ssl-untrusted-root-certificate/
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
tags: ssl,tls,untrusted,vuln
|
|
ssl:
|
|
- address: "{{Host}}:{{Port}}"
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "untrusted == true"
|
|
# digest: 490a0046304402201421bea4f80bb55cb5ab634dc7709d225226a1e5f296a25b16fc3b63940bc10b022027cc35c34b34453267019284199b94da7460e3dfa508454c6ba7d44cf17f2869:922c64590222798bb761d5b6d8e72950 |