Exploit for #VU59095 Improper Authentication in Apache APISIX

Published: 2021-12-28 | Updated: 2022-09-04

Vulnerability identifier: #VU59095

Vulnerability risk: High

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-45232

CWE-ID: CWE-287

Exploitation vector: Network

Exploits in database: 10

September 4, 2022
- CVE-2021-45232 (CVE-2021-45232 POC) [Github]
May 12, 2022
- Apisix_Crack (Apisix系列漏洞：未授权漏洞（CVE-2021-45232）、默认秘钥（CVE-2020-13945）批量探测。) [Github]
January 7, 2022
- CVE-2021-45232-RCE (CVE-2021-45232-RCE) [Github]
January 6, 2022
- CVE-2021-45232-RCE (CVE-2021-45232-RCE-多线程批量漏洞检测) [Github]
December 30, 2021
- cve-2021-45232-rce () [Github]
- cve-2021-45232-exp () [Github]
December 29, 2021
- CVE-2021-45232 (CVE-2021-45232 POC) [Github]
- cve-2021-45232 () [Github]
December 28, 2021
- CVE-2021-45232-RCE (CVE-2021-45232 RCE) [Github]
- CVE-2021-45232 (CVE-2021-45232) [Github]

Impact: Information disclosure and data manipulation

Vulnerable software:
Apache APISIX
Server applications / Other server solutions

Vendor: Apache Foundation