Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Solr - Admin Page Access

By kannthu

Vidoc logoVidoc Module

What is Solr - Admin Page Access?

Solr - Admin Page Access is a module that targets the Solr administration page. It is designed to detect a misconfiguration that allows unauthorized access to the admin page without any authentication requirements. This vulnerability is classified as high severity.


If the Solr administration page is accessible without authentication, it poses a significant security risk. Attackers can exploit this vulnerability to gain unauthorized access to sensitive information, modify configurations, or perform other malicious activities.

How the module works?

The Solr - Admin Page Access module works by sending HTTP requests to specific paths, namely "/admin/" and "/solr/admin/". It then applies matching conditions to determine if the Solr admin page is accessible without authentication.

The module uses two matching conditions:

- Word Matcher: It checks if the response body contains the HTML title tag "<title>Solr admin page</title>". - Status Matcher: It verifies if the HTTP response status is 200 (OK).

If both matching conditions are met, the module reports a vulnerability, indicating that the Solr admin page is accessible without authentication.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: <title>Solr admin page</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability