flask-redis-docker: Flask Redis Queue Docker - Exposure

日期: 2025-08-01 | 影响软件: Flask Redis Docker | POC: 已公开

漏洞描述

Flask Redis Queue Docker is exposed.

PoC代码[已公开]

id: flask-redis-docker

info:
  name: Flask Redis Queue Docker - Exposure
  author: DhiyaneshDk
  severity: low
  description: Flask Redis Queue Docker is exposed.
  reference:
    - https://www.facebook.com/photo/?fbid=623621413141715&set=a.467014098802448
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Flask + Redis Queue + Docker"
  tags: misconfig,exposure,flask,redis,docker

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    host-redirects: true
    max-redirects: 2

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<title>Flask + Redis Queue + Docker</title>'

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100e0f3563e9a1e007db6f76a3dc4fd6e83f2b868cb8e983a43a30a6e2a1cc2d1b4022100ddeee576b21ea060588215fded036c471a6ad7f680071e584eb5d1e577631b45:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./http/misconfiguration/flask-redis-docker.yaml