Detects an AdminBro/AdminJS admin panel exposed without authentication, which lets unauthenticated users reach the admin dashboard and potentially view, modify, or delete sensitive data. The misconfiguration occurs when developers mount the panel with buildRouter() instead of buildAuthenticatedRouter().
PoC code [public]
id: adminbro-dashboard-exposure

info:
  name: AdminBro Dashboard - Unauthenticated Access
  author: 0x_Akoko
  severity: high
  description: |
    Detected AdminBro/AdminJS admin panel was exposed without authentication, allowing unauthenticated users to access the admin dashboard and potentially view, modify, or delete sensitive data. This misconfiguration occurred when developers used buildRouter() instead of buildAuthenticatedRouter().
  reference:
    - https://docs.adminjs.co/basics/authentication
    - https://github.com/SoftwareBrothers/adminjs
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
    cvss-score: 8.2
    cwe-id: CWE-306
  metadata:
    verified: true
    max-request: 2
  tags: adminbro,adminjs,misconfig,exposure,unauth,panel

http:
  - method: GET
    path:
      - "{{BaseURL}}/admin"
      - "{{BaseURL}}/admin/"

    stop-at-first-match: true
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(content_type, "text/html")'
          - 'contains_all(body, "window.REDUX_STATE", "window.AdminBro", "\"session\":null", "\"resources\":[")'
        condition: and
# digest: 4a0a0047304502207987c58f3615fae17cb9ee480430257046615c9b0120b0e98d104b68ddc63cd7022100e703129d032f4784ec756fe83d6b0e8a4823b04780f67a343290244db33141c5:922c64590222798bb761d5b6d8e72950
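The template's matcher condenses to three signals: a 200 response, an HTML content type, and four fixed markers in the server-rendered state. As an added example (not part of the template or the AdminJS project), the Node.js function below re-implements that DSL over constructed sample responses, including a redirect from an authenticated router and a logged-in user's own dashboard, which the template deliberately does not flag; the function and sample names are assumptions.

```javascript
// Added example (not from the template or the AdminJS project): a Node.js
// re-implementation of the template's DSL matcher so its signals can be
// reviewed or reused in a scanner of your own. All samples are constructed.
// The body markers the template requires (its contains_all() arguments).
const ADMINBRO_MARKERS = [
  'window.REDUX_STATE',
  'window.AdminBro',
  '"session":null', // no logged-in user in the server-rendered state
  '"resources":[',  // resource list still rendered for an anonymous client
];

// Mirrors: status_code == 200 AND contains(content_type, "text/html")
// AND contains_all(body, markers). Reports the failing signal otherwise.
function checkAdminBroExposure(response) {
  const { statusCode, headers = {}, body = '' } = response;
  const contentType = headers['content-type'] || '';
  if (statusCode !== 200) {
    return { exposed: false, reason: `status ${statusCode}` };
  }
  if (!contentType.includes('text/html')) {
    return { exposed: false, reason: `content-type ${contentType || '(none)'}` };
  }
  const missing = ADMINBRO_MARKERS.filter((m) => !body.includes(m));
  if (missing.length > 0) {
    return { exposed: false, reason: `missing marker(s): ${missing.join(', ')}` };
  }
  return { exposed: true, reason: 'all markers present' };
}

// Constructed: dashboard state rendered for an anonymous client.
const exposedSample = {
  statusCode: 200, headers: { 'content-type': 'text/html; charset=utf-8' },
  body: '<script>window.REDUX_STATE = {"session":null,"resources":[{"id":"User"}]};'
    + 'window.AdminBro = {};</script>',
};

// Constructed: an authenticated router redirects anonymous clients to the
// login page, so the state object never reaches them.
const protectedSample = { statusCode: 302, headers: { location: '/admin/login' }, body: '' };

// Constructed: a logged-in user's own dashboard carries a populated session,
// which the template deliberately does not flag.
const loggedInSample = {
  statusCode: 200, headers: { 'content-type': 'text/html' },
  body: '<script>window.REDUX_STATE = {"session":{"email":"a@example.test"},"resources":[]};window.AdminBro={};</script>',
};

for (const [name, s] of Object.entries({ exposedSample, protectedSample, loggedInSample })) {
  console.log(name, checkAdminBroExposure(s));
}
```

On the application side the remediation is the one the description names: mount the panel with buildAuthenticatedRouter() so anonymous clients are sent to the login page instead of receiving the rendered state.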