rethinkdb-admin-console: RethinkDB Administration Console - Detect

漏洞描述

PoC代码[已公开]

id: rethinkdb-admin-console

info:
  name: RethinkDB Administration Console - Detect
  author: tess
  severity: medium
  description: RethinkDB Administration Console was detected.
  reference:
    - https://rethinkdb.com/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:969374472
  tags: misconfig,rethinkdb,console,dashboard,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/#dashboard'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'RethinkDB Administration Console'

      - type: status
        status:
          - 200
# digest: 490a00463044022008bee8257de471c86c12cfd8340f16d07c510ff2503b59b96de7816db1463d0c0220763644e436821f2f652108613ff1e889ff301ed6cc739bea2a93958d0bfa34cf:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC CVE-2016-15043: WP Mobile Detector <= 3.5 - Unrestricted File Upload
• POC CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS
• POC CVE-2019-5591: FortiOS - Insecure LDAP Configuration Detection
• POC CVE-2024-28200: N-able N-central < 2024.2 - Authentication Bypass Detection
• POC keycloak-admin-console-config: Keycloak Admin Console Configuration Disclosure
• POC smtp-credentials-exposure: SMTP Credentials Exposure - Detection
• POC rails-history-exposure: Rails/Ruby Console History - Exposure
• POC jboss-jmx-console-unauth: JBoss JMX Console - Unauthenticated Access
• POC phpmyadmin-fpd: phpMyAdmin Full Path Disclosure
• POC wp-admin-menu-editor-fpd: Admin Menu Editor - Full Path Disclosure
• Smartadmin 简致微信管理系统默认口令漏洞
• WordPress Plugin Alone Theme /wp-admin/admin-ajax.php beplus_import_pack_install_plugin 文件上传漏洞（CVE-2025-5394）
• WordPress Time Clock 插件 /wp-admin/admin-ajax.php 代码执行漏洞 （CVE-2024-9593）