漏洞描述
Apache CouchDB is exposed to external users.
apache-couchdb-unauth: Apache CouchDB - Unauthenticated Access
PoC代码[已公开]
id: apache-couchdb-unauth
info:
name: Apache CouchDB - Unauthenticated Access
author: SleepingBag945
severity: high
description: Apache CouchDB is exposed to external users.
reference:
- https://github.com/ax1sX/SecurityList/blob/main/Database/CouchDB.md
- https://github.com/taomujian/linbing/blob/master/python/app/plugins/http/CouchDB/Couchdb_Unauthorized.py
- https://github.com/mubix/tools/blob/master/nmap/scripts/couchdb-stats.nse
metadata:
verified: true
max-request: 1
shodan-query: product:"CouchDB"
fofa-query: app="APACHE-CouchDB"
tags: apache,couchdb,unauth,misconfig,vuln
http:
- method: GET
path:
- "{{BaseURL}}/_config"
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(body,"httpd_design_handlers") && contains(body,"external_manager")'
condition: and
# digest: 4a0a00473045022007e0ef247d8c4b39c436e3f075855dc0a1de479ca0417e97d368bced20dc85b4022100e3355fb5b58c6022695f28a05a8fe6d9c38ec8ac553e16e94908a9308d147c4c:922c64590222798bb761d5b6d8e72950