Redpanda Console - Exposure

ID: redpanda-console

Severity: medium

Author: kh4sh3i

Tags: misconfig,redpanda,console,streaming

Description

Unauthorized access to the Redpanda Console could allow attackers to view or manipulate streaming data, monitor clusters, or access configuration information, leading to potential data leaks or service disruption.

YAML Source

id: redpanda-console

info:
  name: Redpanda Console - Exposure
  author: kh4sh3i
  severity: medium
  description: |
    Unauthorized access to the Redpanda Console could allow attackers to view or manipulate streaming data, monitor clusters, or access configuration information, leading to potential data leaks or service disruption.
  impact: |
    Exposing the Redpanda Console to the public can result in unauthorized access, leading to data leaks, misconfigurations, or even denial of service attacks on the streaming infrastructure.
  reference:
    - https://github.com/redpanda-data/console
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Redpanda Console"
  tags: misconfig,redpanda,console,streaming

http:
  - method: GET
    path:
      - "{{BaseURL}}/overview"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Redpanda Console"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100bfb42d88e905179ec9a949efd9f6fc34e7a3a7bf9cc212d9bc9e99d8a10ecb28022060fa0c7603c62b46ef002eb1146bb8c23c09e5aa6c14b85090f41e7cc0a22d6e:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/misconfiguration/redpanda-console.yaml"

View on Github