intermapper-exposure: InterMapper - Exposure

漏洞描述

PoC代码[已公开]

id: intermapper-exposure

info:
  name: InterMapper - Exposure
  author: pussycat0x
  severity: high
  description: |
    Detected unauthenticated InterMapper access, which could allow unauthorized users to view or interact with monitoring data without proper authentication.
  metadata:
    max-request: 1
    verified: true
    shodan-query: html:"InterMapper"
  tags: exposure,intermapper,unauth

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    redirects: true
    max-redirects: 2
    matchers:
      - type: dsl
        dsl:
          - "status_code == 200"
          - "contains_all(body, 'Device List','Outages','Full','Statistics','InterMapper Server')"
        condition: and
# digest: 4a0a00473045022100a65d194802b5fcd19fe9fb7d29440f8caf15ae3fe9c87d58b9183e03a32e78bf022016b550fb6ec35d2666ac8099e14f5b19a3766d277a6707819e78a13957438130:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC CVE-2023-33960: OpenProject < 12.5.4 - Project Identifiers Exposure
• POC dagster-webserver-ui-exposure: Dagster - Webserver UI Exposure
• POC frigate-api-exposure: Frigate NVR - API Exposure
• POC batflat-sqlite-exposure: Batflat SQLite Database - Exposure
• POC netlify-headers-config-exposure: Netlify Headers Configuration - Exporsure
• POC selenium-grid-exposure: Selenium Grid Exposure
• POC aws-buildspec-exposure: AWS CodeBuild Build Spec - Exposure
• POC gcloudignore-file-exposure: Google Cloud Ignore File Exposure
• POC joe-deadjoe-file-exposure: Joe Editor DEADJOE File - Exposure
• POC postgres-history-exposure: PostgreSQL History - Exposure
• POC vscode-mcp-json: Visual Studio Code MCP Configuration ("mcp.json") Exposure
• POC cacti-log-exposure: Cacti Log - Exposure
• POC magento-debug-log-exposure: Magento Debug Log - Exposure