Vulnerability description
Detects exposed NextcloudPi dashboard instances. NextcloudPi dashboard is typically accessible on port 4443 and should not be exposed to the internet as it provides administrative access to the NextcloudPi instance.
```yaml
id: nextcloudpi-dashboard

info:
  name: NextcloudPi Dashboard - Exposed
  author: ritikchaddha
  severity: high
  description: |
    Detects exposed NextcloudPi dashboard instances. NextcloudPi dashboard is typically accessible on port 4443 and should not be exposed to the internet as it provides administrative access to the NextcloudPi instance.
  remediation: |
    Restrict access to the NextcloudPi dashboard to trusted IP addresses only. Use a VPN or firewall rules to limit access.
  reference:
    - https://github.com/nextcloud/nextcloudpi
  metadata:
    verified: true
    max-request: 1
    vendor: nextcloud
    product: nextcloudpi
    shodan-query: title:"NextcloudPi Panel"
    fofa-query: title="NextcloudPi Panel"
  tags: nextcloud,nextcloudpi,dashboard,misconfig,exposed,discovery

http:
  - method: GET
    path:
      - "{{BaseURL}}/?app=config"

    matchers:
      - type: dsl
        dsl:
          - "contains_any(body, 'Power Off', 'Nextcloud configuration')"
          - "status_code==200"
        condition: and
# digest: 4a0a0047304502206e5c9b309ac289c251b4c957fb1525737453a38ccf7ac03c1bc0eb3afaf45bc2022100af296b1433d233c22a389282e5308f9cef06ea486925bd7ccedc6fb18aa5039c:922c64590222798bb761d5b6d8e72950
```
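To make the matcher block above concrete, here is an added Python example (not part of the template or of the NextcloudPi project) that re-implements the two DSL matchers joined by the `and` condition and runs them over constructed responses, so an operator can see why a normal Nextcloud login page or a firewalled 403 does not trigger while the admin panel does. It assumes `contains_any` is a case-sensitive substring check, as in Go's `strings.Contains`; the `Response` class and sample bodies are constructed for the example.

```python
import re
from dataclasses import dataclass

# Matchers and condition copied from the nextcloudpi-dashboard template.
MATCHERS = [
    "contains_any(body, 'Power Off', 'Nextcloud configuration')",
    "status_code==200",
]
CONDITION = "and"

@dataclass
class Response:
    """Minimal stand-in for the HTTP response to GET {{BaseURL}}/?app=config."""
    status_code: int
    body: str

_CALL = re.compile(r"^(\w+)\((.*)\)$")
_CMP = re.compile(r"^(\w+)\s*==\s*(\d+)$")

def eval_matcher(expr: str, resp: Response) -> bool:
    """Evaluate one DSL expression; only the forms used by this template are handled."""
    if m := _CMP.match(expr):                       # e.g. status_code==200
        field, value = m.groups()
        return getattr(resp, field) == int(value)
    if m := _CALL.match(expr):                      # e.g. contains_any(body, 'a', 'b')
        func, raw_args = m.groups()
        args = [a.strip() for a in raw_args.split(",")]  # template needles contain no commas
        subject = getattr(resp, args[0])
        needles = [a.strip("'\"") for a in args[1:]]
        if func == "contains_any":                  # assumed case-sensitive, like strings.Contains
            return any(n in subject for n in needles)
        if func == "contains_all":
            return all(n in subject for n in needles)
    raise ValueError(f"unsupported matcher: {expr}")

def is_exposed(resp: Response) -> bool:
    """Apply every matcher, combined with the template's condition (and/or)."""
    results = [eval_matcher(m, resp) for m in MATCHERS]
    return all(results) if CONDITION == "and" else any(results)

# Constructed sample responses (not captured from a real host).
EXPOSED = Response(200, "<title>NextcloudPi Panel</title><button>Power Off</button>")
PLAIN_NEXTCLOUD = Response(200, "<title>Nextcloud</title><form>Log in</form>")
BLOCKED = Response(403, "Forbidden: Power Off")  # marker present, but status check fails

if __name__ == "__main__":
    for name, r in [("exposed", EXPOSED), ("plain", PLAIN_NEXTCLOUD), ("blocked", BLOCKED)]:
        print(f"{name}: {'EXPOSED' if is_exposed(r) else 'ok'}")
```

Because the condition is `and`, restricting the panel behind a firewall or VPN (the remediation above) changes the status code and the template stops firing even if the page body is unchanged.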