Http Exposed Management Endpoint
Description
This detector identifies management endpoints that a web application exposes to the public, such as admin panels, health checks, metrics endpoints, or configuration pages, which should be protected by authentication or network restrictions rather than reachable anonymously. An exposed management endpoint can give an attacker unauthorized access to administrative functions, disclose internal information about the application and its environment, or serve as a foothold for privilege escalation.
Detection Strategy
• Attempts to access a predefined list of common management endpoint paths on the target web application
• Makes concurrent HTTP requests to the candidate management endpoint URLs, using up to 5 parallel connections
• Reports a vulnerability when a management endpoint returns a successful HTTP response (typically a 200 status code), indicating that the endpoint is accessible without authentication; note that an application which answers 200 to every path (a catch-all or soft-404 page) will also match, so findings should be confirmed against the response content
• Records the specific endpoint path and the response content that reveals the exposed management functionality
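The following is an added example that implements the strategy above end to end; it is illustrative code written for this page, not Fluid Attacks' detector. The path list, the User-Agent value and the fake target it probes are all constructed for the example. Beyond the steps listed, it first requests a random path to detect an application that answers 200 to everything, and flags every finding from such a target as a suspected soft 404 so that a reviewer does not treat a bare 200 as proof of exposure.

```python
"""Added example: a minimal exposed-management-endpoint probe with a soft-404 guard.

Illustrative code, not Fluid Attacks' detector. The path list, the header value
and the fake target below are constructed for the example.
"""
import http.server
import json
import threading
import uuid
import urllib.error
import urllib.request
from concurrent.futures import ThreadPoolExecutor

# Illustrative subset of common management paths (assumption, not the detector's list).
MANAGEMENT_PATHS = [
    "/admin", "/actuator", "/actuator/health", "/actuator/env",
    "/metrics", "/health", "/manager/html", "/console", "/.env",
]
MAX_WORKERS = 5  # the page states the detector uses up to 5 parallel connections


def probe(base_url, path, timeout=5):
    """GET one path; return (path, status, first 512 bytes of body).

    status is None when the connection itself failed.
    """
    req = urllib.request.Request(base_url.rstrip("/") + path,
                                 headers={"User-Agent": "mgmt-endpoint-probe"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return path, resp.status, resp.read(512).decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:       # 4xx/5xx still carry a status code
        return path, exc.code, ""
    except (urllib.error.URLError, OSError):
        return path, None, ""


def is_catch_all(base_url):
    """True if a random, non-existent path returns 200: then 200 alone proves nothing."""
    _, status, _ = probe(base_url, "/" + uuid.uuid4().hex)
    return status == 200


def scan(base_url, paths=MANAGEMENT_PATHS):
    """Probe all paths with up to MAX_WORKERS concurrent requests.

    A path is reported when it answers 200. Each finding also records whether
    the target answers 200 to arbitrary paths, so a reviewer can discount it.
    """
    catch_all = is_catch_all(base_url)
    findings = []
    with ThreadPoolExecutor(max_workers=MAX_WORKERS) as pool:
        for path, status, body in pool.map(lambda p: probe(base_url, p), paths):
            if status == 200:
                findings.append({"path": path, "status": status,
                                 "snippet": body[:80].strip(),
                                 "soft_404_suspected": catch_all})
    return sorted(findings, key=lambda f: f["path"])


# --- Constructed fake target so the example runs offline ---------------------
def start_fake_target(catch_all=False):
    """Serve a toy app: /actuator/health and /admin answer 200, everything else 404
    (or 200 everywhere when catch_all=True, mimicking a soft-404 front page)."""
    exposed = {"/actuator/health": json.dumps({"status": "UP"}),
               "/admin": "<html><title>Admin console</title></html>"}

    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            body = exposed.get(self.path)
            if body is None and catch_all:
                body = "<html>Welcome</html>"
            self.send_response(200 if body is not None else 404)
            self.end_headers()
            self.wfile.write((body or "not found").encode())

        def log_message(self, *args):  # keep the example quiet
            pass

    server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_address[1]


if __name__ == "__main__":
    srv, url = start_fake_target()
    for finding in scan(url):
        print(finding)
    srv.shutdown()
```

Against the toy target the scan reports /actuator/health and /admin with the first bytes of each body, which is what a reviewer needs to tell a real health or admin page from a login form or a generic landing page. Running the same scan against the catch-all variant reports every path, but with `soft_404_suspected` set, which is the signal to verify by hand rather than raise a finding per path.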