Vulnerability information
Vulnerability name: OneinStack Control Center Dashboard - Detect
Vulnerability type: Information disclosure
Severity: Medium
Description: The OneinStack Control Center Dashboard is a control panel used to manage and monitor OneinStack environments. OneinStack is a popular one-click server environment installer, widely used by website administrators and developers to quickly deploy LNMP/LAMP and similar stacks. This detection finding is classed as information disclosure: its technical root cause is exposure of the control panel, which allows unauthorized users to reach sensitive information or the management interface. Such exposure can leak sensitive data such as server configuration and backup files, which an attacker could then use to mount further attacks. Because no authentication is needed to exploit it, the risk is relatively high, especially when the control panel is exposed directly to the Internet.
Vendor: OneinStack
Product: OneinStack Control Center Dashboard
Search query: http.title:"OneinStack"
Source: https://github.com/projectdiscovery/nuclei-templates/blob/ba783e925f24ada906ffa5125653771b9b902dbb/http%2Fmisconfiguration%2Foneinstack-control-center.yaml
Type: projectdiscovery/nuclei-templates:github issues
POC details

id: oneinstack-control-center

info:
  name: OneinStack Control Center Dashboard - Detect
  author: theabhinavgaur
  severity: medium
  description: |
    OneinStack Control Center dashboard was detected.
  reference:
    - https://github.com/oneinstack/oneinstack
    - https://oneinstack.com/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.title:"OneinStack"
  tags: misconfig,exposure,panel,oneinstack

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(body, "OneinStack")'
          - 'contains_any(body, "Control center", "控制中心", "id=\"backup_link")'
        condition: and