nuclei-templates/network/exposed-dockerd.yaml

26 lines
550 B
YAML

id: exposed-dockerd
info:
name: Docker Daemon Exposed
author: arafatansari
severity: critical
description: |
Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system.
metadata:
verified: true
shodan-query: port:2375 product:"docker"
tags: network,docker
tcp:
- inputs:
- data: "Docker:\nVersion:\n"
host:
- "{{Hostname}}"
- "{{Host}}:2375"
matchers:
- type: word
words:
- "Server: Docker"