cve/2020/CVE-2020-13945.md

### [CVE-2020-13945](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13945)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20APISIX&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Admin%20API%20default%20access%20token%20vulnerability&color=brighgreen)

### Description

In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.

### POC

#### Reference
- http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/CLincat/vulcat
- https://github.com/HimmelAward/Goby_POC
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/YutuSec/Apisix_Crack
- https://github.com/Z0fhack/Goby_POC
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/bigblackhat/oFx
- https://github.com/openx-org/BLEN
- https://github.com/samurai411/toolbox
- https://github.com/t0m4too/t0m4to
- https://github.com/tanjiti/sec_profile
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-13945](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13945)`
			`![](https://img.shields.io/static/v1?label=Product&message=Apache%20APISIX&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Admin%20API%20default%20access%20token%20vulnerability&color=brighgreen)`

			`### Description`

			`In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/ARPSyndicate/kenzer-templates`
			`- https://github.com/CLincat/vulcat`
			`- https://github.com/HimmelAward/Goby_POC`
			`- https://github.com/Threekiii/Awesome-POC`
			`- https://github.com/Threekiii/Vulhub-Reproduce`
			`- https://github.com/YutuSec/Apisix_Crack`
			`- https://github.com/Z0fhack/Goby_POC`
			`- https://github.com/bakery312/Vulhub-Reproduce`
			`- https://github.com/bigblackhat/oFx`
			`- https://github.com/openx-org/BLEN`
			`- https://github.com/samurai411/toolbox`
			`- https://github.com/t0m4too/t0m4to`
			`- https://github.com/tanjiti/sec_profile`