20 matches found
CVE-2022-24112
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...
Exploit for Authentication Bypass by Spoofing in Apache Apisix
POCs Collected POCs CVE-2022-24112 To create a test...
Joint Advisory AA22-279A and Vulristics
Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added 10 new actively exploited vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, including a high-severity security flaw affecting industrial automation software from Delta Electronics. The issue, tracked ...
Apache APISIX Remote Code Execution (CVE-2022-24112)
A remote code execution vulnerability exists in Apache APISIX. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system...
Exploit for Authentication Bypass by Spoofing in Apache Apisix
CVE-2022-24112-POC Apache APISIX 2.12.1 Rem...
Exploit for Authentication Bypass by Spoofing in Apache Apisix
Apache APISIX Remote Code Execution CVE-2022-24112 Exploit...
Apache APISIX 2.12.1 - Remote Code Execution Exploit
Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT = '\3335m' NOTICE =...
Apache APISIX 2.12.1 Remote Code Execution
Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Date: 2022-03-16 Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT =...
Apache APISIX 2.12.1 - Remote Code Execution (RCE)
Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Date: 2022-03-16 Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT =...
Exploit for CVE-2022-244112
CVE-2022-24112: Apache APISIX Remote Code Ex...
Exploit for Authentication Bypass by Spoofing in Apache Apisix
CVE-2022-24112: Apache APISIX Remote Code Ex...
APISIX Admin API default access token RCE
Apache APISIX has a default, built-in API token edd1c9f034335f136f87ad84b625c8f1 that can be used to access all of the admin API, which leads to remote LUA code execution through the script parameter added in the 2.x version. This module also leverages another vulnerability to bypass the IP...
Apache APISIX Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'APISIX Admin API default access token RCE', 'Description' = %q Apache APISIX has a default, built-in API token edd1c9f034335f136f87ad84b625c8f1...
Exploit for Authentication Bypass by Spoofing in Apache Apisix
CVE-2022-24112 CVE-2022-24112: Apache APISIX apisix/batch-re...
CVE-2022-24112
creationtimestamp| type| source ---|---|--- 2022-02-11 16:29:40+00:00| seen| https://t.me/cibsecurity/37298 2022-02-21 11:58:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1516 2022-02-21 16:34:10+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1518 2022-02-21...
CVE-2022-24112
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...
CVE-2022-24112 apisix/batch-requests plugin allows overwriting the X-REAL-IP header
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...
CVE-2022-24112 apisix/batch-requests plugin allows overwriting the X-REAL-IP header
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...
CVE-2022-24112
CVE-2022-24112 affects Apache APISIX. It arises from the batch-requests plugin, where a bug can bypass the Admin API IP restriction, enabling remote code execution. Exploits/PoCs exist for APISIX 2.12.0–2.12.1 demonstrating RCE via admin API path and Lua code injection in routes, with documented ...