linktap-gateway-exposure: LinkTap Gateway Exposure

漏洞描述

PoC代码[已公开]

id: linktap-gateway-exposure

info:
  name: LinkTap Gateway Exposure
  author: DhiyaneshDk
  severity: low
  description: LinkTap Gateway is exposed.
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"LinkTap Gateway"
  tags: misconfig,linktap,iot,exposure,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'Device infomation'
          - 'Ethernet settings'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a00463044022025170f6bbf6d02c94e2f09ba0de2211a169bdc8ad5acf06cef5cef7053cd7917022011de0a0908f6c61718d436372b4424dd25e33dee7c19c08bfd9fbecca0eb4711:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC wp-security-hidden-login-exposure: WordPress All-in-One Security <=4.4.1 - Hidden Login Page Exposure
• POC CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
• POC cockroachdb-unauth-exposure: CockroachDB Unauthenticated Console Exposure
• （CVE-2025-12101）NetScaler ADC和Gateway配置为网关或AAA虚拟服务器时的跨站脚本漏洞
• POC CVE-2025-55190: ArgoCD Project API Token Repository Credentials Exposure
• POC CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
• POC churchcrm-installer: ChurchCRM - Setup Exposure
• Omnissa Workspace ONE UEM /DevicesGateway/apps/system-app-metadata 目录遍历漏洞（CVE-2025-25231）
• 用友U8Cloud NCCloudGatewayServlet 命令注入漏洞
• 用友 U8 Cloud NCCloudGatewayServlet 命令执行漏洞
• 用友 U8 Cloud NCCloudGatewayServlet存在命令执行漏洞
• POC 用友 U8 Cloud NCCloudGatewayServlet 命令执行漏洞
• Spring Cloud Gateway 信息泄露漏洞（CVE-2025-41243）