Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354903efbb8c66b1d9f0b0a595a012c2e161d97e4b95
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/AsicModels/{id}
GET /api/Agent/GetAgents
GET /api/Asic/GetAsics
GET /api/Asic/Status
GET /api/AsicModels
GET /api/AsicScan
GET /api/AsicScan/{scanId}/results
GET /api/AsicStates
GET /api/AuditLogs
GET /api/FarmEvents
GET /api/Health
GET /api/Health/live
GET /api/Health/ready
GET /api/Health/{checkName}
GET /api/Platforms
GET /api/Roles
GET /api/Tasks
GET /api/Tasks/{id}
GET /api/Users
GET /api/Workers
POST /api/AsicActions/configure
POST /api/AsicActions/reboot
POST /api/AsicScan/migrate-partial
POST /api/AsicScan/{scanId}/migrate
POST /api/Auth/login
POST /api/Auth/logout
POST /api/Customers
POST /api/Pools
PUT /api/Agent/UpdateAgent
PUT /api/Customers/{id}
PUT /api/Platforms/{id}
PUT /api/Pools/{id}
PUT /api/Users/{id}
PUT /api/Workers/{id}