Vulners FREE API - Anomaly with user agent #58
Comments
|
Hello, thanks for the info, the team is looking into it |
|
Hi, We have now a new issue. For example, we have a dnsmasq 2.83 release on a server. We scan this server with nmap --script vuln and the resullt returned is false We have CVE that have no correspondance with the 2.83 release of dnsmasq. For example, your api returns the CVE-2017-15107 for dnsmasq 2.83, that s false because the CVE-2017-15107 is for dnsmas less than 2.78 We have also tested with a direct call of API like below and the results are wrong. It seems that your api don't take into account the version GET : https://vulners.com/api/v3/burp/software/?software=cpe:/a:thekelleys:dnsmasq:2.83&version=2.83&type=cpe UA : Vulners NMAP Plugin 1.7 result : { } Best regards |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
when we are using the free API (https://vulners.com/api/v3/burp/software/) with the User-Agent in HTTP Header "Vulners NMAP Plugin",
The API return a 502 Bad gateway error.
On the other hand, using any other word in the UA header works as expected.
As we are using vulners.nse script, no vulnerability is returned cause of this.
We are thinking that the API should return bad gateway error to any other UA instead of "Vulners NMAP Plugin".
Best Regards
The text was updated successfully, but these errors were encountered: