Vulnerability Description
Detected an exposed Weaviate instance by accessing its API endpoints. Verified exposure by identifying meta information, schema details, and specific endpoint references in the response, confirming that the instance was publicly accessible.
id: weaviate-exposure
info:
  name: Weaviate - Exposure
  author: DhiyaneshDk
  severity: low
  description: |
    Detected an exposed Weaviate instance by accessing its API endpoints. Verified exposure by identifying meta information, schema details, and specific endpoint references in the response, confirming that the instance was publicly accessible.
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Weaviate"
  tags: weaviate,exposure,api,vuln
http:
  - method: GET
    path:
      - "{{BaseURL}}/v1/"
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Meta information about this instance/cluster"
          - "view complete schema"
        condition: and
      - type: regex
        part: body
        regex:
          - "\"href\":\"/v1/schema\""
      - type: status
        status:
          - 200
# digest: 4a0a00473045022100db470cee0b1eb4b64fa065f99a5f35f076b7cc1ee1b6c3c82ae2710895e73b190220342808cfe1e9a37a06998882326dfc8b2a7b90bb5330845cc4db9d7b5548f414:922c64590222798bb761d5b6d8e72950
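
The matcher logic of the template above, evaluated in Python over constructed responses so each matcher's result is visible on its own. This is an added example, not part of the original template; the sample bodies, the `/v1/meta` link, and the `evaluate` and `sample_root` names are assumptions made for illustration.

```python
import json
import re

# Matcher values copied from the template above.
REQUIRED_WORDS = (
    "Meta information about this instance/cluster",
    "view complete schema",
)
SCHEMA_HREF = re.compile(r'"href":"/v1/schema"')


def evaluate(status, body):
    """Apply the three matchers; 'exposed' is their AND (matchers-condition: and)."""
    results = {
        "word": all(word in body for word in REQUIRED_WORDS),
        "regex": SCHEMA_HREF.search(body) is not None,
        "status": status == 200,
    }
    results["exposed"] = all(results.values())
    return results


def sample_root(compact):
    """Constructed /v1/ body (hypothetical layout) built from the matched strings."""
    doc = {"links": [
        {"href": "/v1/meta", "name": "Meta information about this instance/cluster"},
        {"href": "/v1/schema", "name": "view complete schema"},
    ]}
    return json.dumps(doc, separators=(",", ":") if compact else None)


if __name__ == "__main__":
    cases = {
        "compact JSON, 200": (200, sample_root(compact=True)),
        # Same content with a space after each colon: the regex matcher fails.
        "spaced JSON, 200": (200, sample_root(compact=False)),
        # Constructed response from an instance that requires authentication.
        "auth required, 401": (401, '{"error":"unauthorized"}'),
    }
    for label, (status, body) in cases.items():
        print(label, evaluate(status, body))
```

The second case shows that a non-match from this template is not proof the endpoint is closed: the regex only matches the compact `"href":"/v1/schema"` form.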