exposed-sharepoint-list: Sharepoint List - Detect

Date: 2025-08-01 | Affected software: Sharepoint List | PoC: Public

Vulnerability description

A SharePoint list was detected because of improper configuration: an anonymous user can access SharePoint Web Services.

PoC code [public]

id: exposed-sharepoint-list

info:
  name: Sharepoint List - Detect
  author: ELSFA7110
  severity: medium
  description: Sharepoint list was detected because of improper configuration. An anonymous user can access SharePoint Web Services.
  reference:
    - https://hackerone.com/reports/761158
    - https://hackerone.com/reports/300539
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    max-request: 1
  tags: hackerone,config,exposure,sharepoint,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/_vti_bin/lists.asmx?WSDL"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "GetListResponse"
          - "GetList"
        part: body
        condition: and

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100ae7108e1376a75c88cf16d6aecd7a1fb581e5920be65cd05742b5999272bd2740221009e9692e3082ba381fae9636405cbddbf795541f44316fef88f55fc0743a2cf11:922c64590222798bb761d5b6d8e72950