nuclei-templates/http/misconfiguration/envoy-admin-exposure.yaml

35 lines
828 B
YAML
Raw Permalink Normal View History

2022-10-12 17:11:26 +00:00
id: envoy-admin-exposure
info:
name: Envoy Admin Exposure
author: DhiyaneshDk
severity: medium
2024-01-03 06:08:41 +00:00
description: Envoy Admin page exposed.
2022-10-12 17:11:26 +00:00
reference:
- https://www.envoyproxy.io/docs/envoy/latest/
metadata:
verified: true
2023-10-14 11:27:55 +00:00
max-request: 1
2022-10-12 17:11:26 +00:00
shodan-query: title:"Envoy Admin"
tags: misconfig,envoy,exposure
http:
2022-10-12 17:11:26 +00:00
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
words:
- "<title>Envoy Admin</title>"
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
# digest: 4a0a0047304502200730b4d4870c7f30e367b50699bcbd9fe09401983b47158e6e000f12f4f178fe022100ac3d37047f7413c77e9e050d233af8f0433c92f1f4b80cb590a3581ad5bb38ac:922c64590222798bb761d5b6d8e72950