solr-admin-query: Solr Admin Query Page

漏洞描述

PoC代码[已公开]

id: solr-admin-query

info:
  name: Solr Admin Query Page
  author: dhiyaneshDK
  severity: high
  description: |
    app="APACHE-Solr"
  reference: 
    - https://www.exploit-db.com/ghdb/5856

rules:
    r0:
        request:
            method: GET
            path: /admin/
        expression: response.status == 200 && response.body.bcontains(b'<title>Solr admin page</title>')
    r1:
        request:
            method: GET
            path: /solr/admin/
        expression: response.status == 200 && response.body.bcontains(b'<title>Solr admin page</title>')
expression: r0() && r1()

相关漏洞推荐

• POCCVE-2017-12629: Apache Solr <= 7.1 XML entity injection
• POCCVE-2019-0193: Apache Solr Remote Code Execution
• POCCVE-2021-27905: Apache Solr <= 8.8.1 SSRF
• POCCVE-2024-45216: Apache Solr 身份认证绕过
• POCapache-solr-remotestreaming-anyfileread: Apache Solr RemoteStreaming 任意文件读取
• POCsolr-admin-unauth: Solr Admin Unauth
• POCsolr-bypass-fileread: Apache-Solr 身份认证绕过导致任意文件读取
• POCsolr-log4j-rce: Apache Solr Log4j Remote Code Execution
• POCsolr-velocity-template-rce: solr velocity template rce
• 无POCApache Solr /solr/admin/cores XML 外部实体注入漏洞（CVE-2017-12629）
• POCCVE-2016-1000155: WordPress WPSOLR <=8.6 - Cross-Site Scripting
• POCCVE-2017-12629: Apache Solr <= 7.1 - XML Entity Injection
• POCCVE-2019-0192: Apache Solr - Deserialization of Untrusted Data