Traefik API Scanner

The Traefik API is typically used by organizations and developers to manage dynamic container orchestration platforms. It helps manage HTTP routers and expose service configurations and is widely used for load balancing in microservices environments.

This detection scanner identifies vulnerabilities associated with publicly accessible Traefik API. When exposed, the API can leak sensitive routing and service configuration details to unauthorized entities.

The scanner checks endpoints like '/api/rawdata' and '/api/http/routers' to determine if they return sensitive JSON data upon request, indicating exposure.

If exploited, attackers can access and exploit routing details, middleware, and service configurations, potentially disrupting service operations or altering traffic flows.

REFERENCES

• https://doc.traefik.io/traefik/operations/api/