v2x-control: V2X Control - Dashboard Exposure

漏洞描述

PoC代码[已公开]

id: v2x-control

info:
  name: V2X Control - Dashboard Exposure
  author: DhiyaneshDk
  severity: low
  description: V2X Control Dashboard is exposed.
  reference:
    - https://www.facebook.com/photo/?fbid=606940284809828&set=a.467014098802448
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"V2X Control"
  tags: misconfig,exposure,v2x,control,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<title>V2X control</title>'
          - 'Chemtronics'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a004630440220411c65b622bcf4295982f22e7983aa766c9f8b6167a24a8796c08c06f665b76302205e13160d2df36328944b088dd2e1d7e972ecc51676e49cb4a1943af574a1df44:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC CVE-2022-29081: Zoho ManageEngine - Access Control Bypass
• POC wp-security-hidden-login-exposure: WordPress All-in-One Security <=4.4.1 - Hidden Login Page Exposure
• POC CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
• POC CVE-2025-12480: Triofox - Improper Access Control
• POC cockroachdb-unauth-exposure: CockroachDB Unauthenticated Console Exposure
• POC CVE-2025-52665: UniFi Access - Broken Access Control
• POC CVE-2025-55190: ArgoCD Project API Token Repository Credentials Exposure
• POC CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
• POC churchcrm-installer: ChurchCRM - Setup Exposure
• JeeWMS /cgDynamGraphController.do SQL 注入漏洞
• JeeWMS /departController.do SQL 注入漏洞
• MCPHub Dashboard JWT硬编码身份认证绕过漏洞
• CVE-2019-19781: Citrix Application Delivery Controller (ADC) and Gateway Directory Traversal.