Exploit for #VU60580 Code Injection in Apache APISIX
Vulnerability identifier: #VU60580
Vulnerability risk: High
CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-94
Exploitation vector: Network
Exploits in database: 11
- December 4, 2022
- May 13, 2022
- Apache APISIX 2.12.1 - Remote Code Execution (RCE) [Exploit-DB]
- May 12, 2022
- APISIX Admin API default access token RCE [Metasploit]
- March 17, 2022
- March 9, 2022
- March 8, 2022
- February 27, 2022
- February 22, 2022
- February 21, 2022
Impact: Code execution
Vulnerable software:
Apache APISIX
Server applications /
Other server solutions
Vendor: Apache Foundation
