google-adk-webui-exposed: Google ADK Development UI Exposure

日期: 2025-08-01 | 影响软件: Google ADK Development UI | POC: 已公开

漏洞描述

Detects the exposure of the Google Agent Development Kit (ADK) Development UI, which may lead to sensitive information disclosure or unauthorized access.

PoC代码[已公开]

id: google-adk-webui-exposed

info:
  name: Google ADK Development UI Exposure
  author: princechaddha
  severity: unknown
  description: |
    Detects the exposure of the Google Agent Development Kit (ADK) Development UI, which may lead to sensitive information disclosure or unauthorized access.
  reference:
    - https://google.github.io/adk-docs/
    - https://github.com/google/adk-samples
  metadata:
    max-request: 1
    verified: true
    shodan-query: http.html:"Agent Development Kit Dev UI"
  tags: adk,exposure,google,ai,agent,devops,discovery

http:
  - method: GET
    path:
      - "{{BaseURL}}/dev-ui/"

    matchers:
      - type: word
        part: body
        words:
          - "<title>Agent Development Kit Dev UI</title>"
# digest: 4a0a0047304502202a0a269b33cfc8bc8fb8bf0ee314929bcbf9499e3bf74fb52b813382c5f949cc022100b3adb3aa17cfcba042f49770482fe2bb38e35d7fc5b2525b2d04b7787d6c635b:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/exposed-panels/google-adk-webui-exposed.yaml