admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2021/CVE-2021-45232.md
0xMarcio 8d17e0c8f8 Update CVE sources 2024-08-24 17:55
2024-08-24 17:55:21 +00:00

71 lines
3.2 KiB
Markdown
Raw Blame History

### [CVE-2021-45232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45232)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20APISIX%20Dashboard&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.7%3D%202.7%20and%202.7.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306%20Missing%20Authentication%20for%20Critical%20Function&color=brighgreen)
### Description
In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/0x0021h/expbox
- https://github.com/20142995/Goby
- https://github.com/20142995/pocsuite3
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/GYLQ/CVE-2021-45232-RCE
- https://github.com/Greetdawn/Apache-APISIX-dashboard-RCE
- https://github.com/Hatcat123/my_stars
- https://github.com/HimmelAward/Goby_POC
- https://github.com/Ilovewomen/cve-2021-45232
- https://github.com/Kuibagit/CVE-2021-45232-RCE
- https://github.com/LTiDi2000/CVE-2021-45232
- https://github.com/Mr-xn/CVE-2022-24112
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Nefcore/MatchX
- https://github.com/Osyanina/westone-CVE-2021-45232-scanner
- https://github.com/SYRTI/POC_to_review
- https://github.com/Threekiii/Awesome-Exploit
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/WhooAmii/POC_to_review
- https://github.com/YutuSec/Apisix_Crack
- https://github.com/Z0fhack/Goby_POC
- https://github.com/b4zinga/Raphael
- https://github.com/badboycxcc/CVE-2021-45232-POC
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/bigblackhat/oFx
- https://github.com/chemouri13/MatchX
- https://github.com/dskho/CVE-2021-45232
- https://github.com/f11t3rStAr/f11t3rStAr
- https://github.com/fany0r/CVE-2021-45232-RCE
- https://github.com/huimzjty/vulwiki
- https://github.com/itxfahdi/-cve-2021-45232
- https://github.com/jxpsx/CVE-2021-45232-RCE
- https://github.com/leveryd/leveryd
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/merlinepedra25/AttackWebFrameworkTools-5.0
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/openx-org/BLEN
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/qiuluo-oss/Tiger
- https://github.com/soosmile/POC
- https://github.com/t0m4too/t0m4to
- https://github.com/trhacknon/Pocingit
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/wuppp/cve-2021-45232-exp
- https://github.com/xiju2003/-cve-2021-45232
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yggcwhat/CVE-2021-45232
- https://github.com/zecool/cve
Reference in New Issue View Git Blame Copy Permalink