WORDS
| CVSS | 7 |
|---|---|
| DESCRIPTION | In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. |
| HEAT SCORE | 494 |
| DATE | TWEETS | USER |
|---|---|---|
| 2022-03-09 09:20:32 | CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability https://t.co/SG85lyfF8f https://t.co/hfqHxQKUnD https://ift.tt/V89BxoC https://ift.tt/9RaJivw | buaqbot |
| 2022-02-25 10:50:14 | Exploit for Authentication Bypass by Spoofing in #Apache Apisix CVE-2021-45232 CVE-2022-24112 #Hacking #infosec… https://t.co/w19hMqPhEy https://twitter.com/i/web/status/1497161880695156740 | FragmentedSoul5 |
| 2022-02-22 03:50:07 | 问题出在body部分 其次是需要在写入route后需要去访问 然后才会触发,本质上和 CVE-2021-45232 类似,一个是未授权一个是绕过授权,最终都是通过新增恶意route 中的 filter_function 或者 script 来执行 lua 代码 | sirifu4k1 |
| 2022-02-02 13:10:12 | K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232 https://t.co/ZvTTvroqd6 http://www.ccn-cert.cni.es/component/vulnerabilidades/view/33068.html | SombreroBlanc0 |
| 2022-01-31 22:22:01 | New post from https://t.co/uXvPWJy6tj (K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232) has been pu… https://t.co/mVw7Z7rDrB http://www.sesin.at https://twitter.com/i/web/status/1488274852507181058 | WolfgangSesin |
| 2022-01-31 22:21:40 | New post from https://t.co/9KYxtdZjkl (K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232) has been pu… https://t.co/psXgGeJuIR http://www.sesin.at https://twitter.com/i/web/status/1488274853937491968 | www_sesin_at |
| 2022-01-20 06:00:16 | Apache APISIX Exploit CVE-2021-45232 shodan search `title="Apache APISIX"` --fields ip_str,9000 --separator " " |… https://t.co/rYZmZGaiMh https://twitter.com/i/web/status/1484042572054298624 | betelgeuse120 |
| 2022-01-18 18:32:16 | Apache APISIX Exploit CVE-2021-45232 Credits ~ @0x3n0 shodan search `title="Apache APISIX"` --fields ip_str,9000… https://t.co/pQY6E7u6UG https://twitter.com/i/web/status/1483505209091719168 | NandanLohitaksh |
| 2022-01-17 01:00:12 | Apache APISIX Exploit CVE-2021-45232 shodan search `title="Apache APISIX"` --fields ip_str,9000 --separator " " |… https://t.co/hArvQKBn54 https://twitter.com/i/web/status/1482878587057602561 | 0x3n0 |
| 2022-01-08 16:10:13 | Mass exploitation of Apache APISIX Dashboard Unauthorized Access Vulnerability | CVE-2021-45232 https://t.co/xKHJtGsaAa https://www.youtube.com/watch?v=wc5TKmh2Y-Y | viehgroup |
| 2022-01-08 09:00:10 | 🔴APACHE🔴 Múltiples vulnerabilidades de severidad alta en productos APACHE: CVE-2021-45232,CVE-2021-44548 Más inf… https://t.co/XUv6y0DbRU https://twitter.com/i/web/status/1479738413951631362 | GrupoICA_Ciber |
| 2022-01-07 15:40:46 | New post from https://t.co/9KYxtdZjkl (CVE-2021-45232 (apisix_dashboard)) has been published on https://t.co/YBAoNr3DBt http://www.sesin.at https://www.sesin.at/2022/01/07/cve-2021-45232-apisix_dashboard/ | www_sesin_at |
| 2022-01-07 15:40:29 | New post from https://t.co/uXvPWJy6tj (CVE-2021-45232 (apisix_dashboard)) has been published on https://t.co/oxEJMyXVhJ http://www.sesin.at https://www.sesin.at/2022/01/07/cve-2021-45232-apisix_dashboard/ | WolfgangSesin |
| 2022-01-07 14:20:11 | 🚨 NEW: CVE-2021-45232 🚨 In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduce… https://t.co/vaB3YCxAOs https://twitter.com/i/web/status/1479456561240150016 | threatintelctr |
| 2022-01-07 04:22:00 | CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability https://t.co/DxuTEwAkyC https://t.co/OviYtDLefG https://ift.tt/34njc5D https://ift.tt/3qSDdbP | buaqbot |
| 2022-01-07 03:30:44 | CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability https://t.co/DxuTEwAkyC https://t.co/IdIh03HUFk https://ift.tt/34njc5D https://ift.tt/3qY6vWy | buaqbot |
| 2022-01-07 02:30:23 | @abbas_heybati Apache APISIX Dashboard(CVE-2021-45232) title="Apache APISIX Dashboard" https://t.co/5t0zf5lCem https://fofa.so/result?qbase64=dGl0bGU9IkFwYWNoZSBBUElTSVggRGFzaGJvYXJkIg%3D%3D | fofabot |
| 2022-01-06 11:10:05 | CVE-2021-45232 - Apache / APISIX - Missing authentication for critical function - https://t.co/3h6E4BABUE #Uncategorized #cybersecurity https://www.redpacketsecurity.com/cve-2021-45232-apache-apisix-missing-authentication-for-critical-function/ | RedPacketSec |
| 2022-01-06 07:40:10 | CVE-2021-45232漏洞分析 https://t.co/2Zg09auH6G https://t.co/AezfO7bv97 https://ift.tt/3qN2dBk https://ift.tt/3zpSPHH | buaqbot |
| 2022-01-06 00:30:12 | Exploit for CVE-2021-45232 https://t.co/kBuZ9gewEu #Exploit #Sploitus https://sploitus.com/exploit?id=3D7A27ED-A78A-5AB2-B693-3A29650CF6DA | sploitus_com |
| 2022-01-05 04:40:06 | New Video on Mass exploitation of Apache APISIX Dashboard Unauthorized Access Vulnerability (CVE-2021-45232) is OUT… https://t.co/zlAXmSeOiR https://twitter.com/i/web/status/1478587058444595201 | simrotion13 |
| 2022-01-04 19:30:09 | Video on Mass exploitation of Apache APISIX Dashboard Unauthorized Access Vulnerability (CVE-2021-45232) will out s… https://t.co/v5c1sKpMFf https://twitter.com/i/web/status/1478446897446768640 | simrotion13 |
| 2022-01-04 08:20:27 | GitHub - shakeman8/CVE-2021-45232-RCE: CVE-2021-45232 RCE https://t.co/r2ouUhD5Rg https://github.com/shakeman8/CVE-2021-45232-RCE | Securityblog |
| 2022-01-02 07:20:24 | CVE-2021-45232 Apache Apisix-Dashboard Unauth to #RCE #bugbounty #bugbountytips - https://t.co/V5XNhSGZsk https://t.co/0wXHRrESE4 https://t.me/PentestingNews/16512 | PentestingN |
| 2021-12-31 06:20:10 | #CVE-2021-45232 Apache Apisix-Dashboard Unauth to #RCE #bugbounty #bugbountytips https://t.co/zF3eUxd2Ss | nxtexploit |
| 2021-12-31 01:00:05 | #CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Fofa: title="Apache APISIX Dashboard"… https://t.co/pwkvihqwzV https://twitter.com/i/web/status/1476718591357587456 | zhiji39688749 |
| 2021-12-30 15:07:41 | #CVE-2021-45232 Apache Apisix-Dashboard Unauth to RCE https://t.co/eBA2vQ5jPY | jas502n |
| 2021-12-29 20:50:13 | Explaining CVE-2021-45232: In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and intro… https://t.co/arGay4nf5U https://twitter.com/i/web/status/1476293873806843905 | 0xShervin |
| 2021-12-29 16:10:36 | #CVE CVE-2021-45232 Apache apisix Dashboard api Authentication bypass http://target:port/apisix/admin/migrate/expor… https://t.co/C7ozBgw0md https://twitter.com/i/web/status/1476221491637280776 | abbas_heybati |
| 2021-12-29 15:13:54 | CVE-2021-45232 https://t.co/hM9h4IyDGv #HarsiaInfo https://har-sia.info/CVE-2021-45232.html | Har_sia |
| 2021-12-29 10:21:22 | CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/sgs1rZkgJk CVE-2021-… https://t.co/AUeAgY46Ku https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ https://twitter.com/i/web/status/1476134430494371846 | PentestingN |
| 2021-12-29 10:10:27 | Forwarded from @Leakinfo Обход аутентификации в панели мониторинга Apache APISIX (CVE-2021-45232) Apache APISIX D… https://t.co/KGJsyWsY2v https://twitter.com/i/web/status/1476132361880412165 | gebutcher |
| 2021-12-29 09:26:31 | #bugbountytips #bugbounty CVE-2021-45232 Apache APISIX Dashboard Unauthenticated Remote Code Execution #RCE https://t.co/L4cI1JeyuV | cycatz2 |
| 2021-12-29 08:54:05 | CVE-2021-45232 Apache APISIX Dashboard api Unauthorized access {{RootURL}}/apisix/admin/migrate/export | Aran15042440 |
| 2021-12-29 08:15:06 | CVE-2021-45232 Apache APISIX Dashboard Unauth cation RCE... Version: < 2.10.1 https://t.co/iAFpPDo47Y | r0cky6861636b |
| 2021-12-29 07:40:37 | CVE-2021-45232 Apache apisix Dashboard api unauth RCE https://t.co/N2LbLq2fEQ https://t.co/Tw09Bgh7VK #exploit… https://t.co/bTsqrIqVl2 https://github.com/shakeman8/CVE-2021-45232-RCE https://github.com/badboycxcc/CVE-2021-45232-POC https://twitter.com/i/web/status/1476094768086241283 | hack_git |
| 2021-12-29 07:30:18 | CVE-2021-45232 Apache APISIX Dashboard unauthorized access Apache APISIX Dashboard < 2.10.1… https://t.co/tQGwA9WzAy https://twitter.com/i/web/status/1476091836330823682 | 0x0021h |
| 2021-12-29 07:02:14 | CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/lmOkWpkob7 #infosec… https://t.co/vsCymRgNUY https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ https://twitter.com/i/web/status/1476084798259032064 | beingsheerazali |
| 2021-12-29 06:53:14 | CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/YWUO2mZLkx https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ | Dinosn |
| 2021-12-29 05:10:38 | #exploit 1. CVE-2021-45232: Apache apisix Dashboard api unauth RCE https://t.co/WH87tVcxcw https://t.co/Fa3Ra8lXpI… https://t.co/6mMNj1Hot5 https://github.com/shakeman8/CVE-2021-45232-RCE https://github.com/badboycxcc/CVE-2021-45232-POC https://twitter.com/i/web/status/1476055431239905280 | ksg93rd |
| 2021-12-29 02:30:13 | CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/do9hehjbQQ #opensource… https://t.co/eTjAZoSilv https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ https://twitter.com/i/web/status/1476016405376122880 | the_yellow_fall |
| 2021-12-29 02:30:09 | CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/5LNH6CSeyw https://t.co/SvkF16Rpit http://dlvr.it/SG9zcw | AcooEdi |
| 2021-12-29 02:13:12 | #CVE CVE-2021-45232 #RCE Apache APISIX Dashboard Unauth cation RCE import bak file with filter_funct to RCE https://t.co/rSlWpwSYgK | sirifu4k1 |
| 2021-12-28 22:43:53 | CVE-2021-45232 Apache APISIX Dashboard https://t.co/AfBuC7afpb #CVE #Apache - https://t.co/feQN0SpzEP https://t.co/zAAe2oabFU https://github.com/pingpongcult/CVE-2021-45232 https://t.me/hackgit/2713 | hack_git |
| 2021-12-28 15:10:13 | CVE-2021-45232 https://t.co/hM9h4IyDGv #HarsiaInfo https://har-sia.info/CVE-2021-45232.html | Har_sia |
| 2021-12-28 14:40:13 | 🚨🚨 NEW CVE CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access Severity: high https://t.co/i046iwvCIF | Mohamed87Khayat |
| 2021-12-28 14:10:05 | CVE-2021-45232 #nuclei template search on github is a great ways to found vuln https://t.co/8R3w6xX4Ka https://github.com/projectdiscovery/nuclei-templates/pull/3437 | sirifu4k1 |
| 2021-12-28 14:00:06 | #CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/5iPaXgP3pG https://twitter.com/i/web/status/1475827857733525518 | zhukaipi |
| 2021-12-28 13:40:09 | GitHub - pingpongcult/CVE-2021-45232 - https://t.co/Zn56Dg8Si1 https://github.com/pingpongcult/CVE-2021-45232 | piedpiper1616 |
| 2021-12-28 13:10:14 | #CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/ZcvHRUKbQ7 https://twitter.com/i/web/status/1475815478916710404 | cx10834915 |
| 2021-12-28 12:30:13 | #CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/KtQFATxQ8m https://twitter.com/i/web/status/1475804838495940609 | sirifu4k1 |
| 2021-12-28 12:10:13 | #CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/X4D9K1Fq7C https://twitter.com/i/web/status/1475799108812419073 | zhzyker |
| 2021-12-28 08:00:25 | Apache APISIX Dashboard(CVE-2021-45232) title="Apache APISIX Dashboard" https://t.co/5t0zf5lCem #APISIX… https://t.co/09RYWEEe8k https://fofa.so/result?qbase64=dGl0bGU9IkFwYWNoZSBBUElTSVggRGFzaGJvYXJkIg%3D%3D https://twitter.com/i/web/status/1475736466768556032 | fofabot |
| 2021-12-28 06:31:58 | CVE-2021-45232 Unauthorized https://t.co/ZUcb3LGLHX | 403Timeout |
| 2021-12-27 19:20:23 | Hi, I'm CVE-2021-45232. I was never good with numbers though, so you can call me Verdant Bever https://t.co/blVSiAnCxY https://nvd.nist.gov/vuln/detail/CVE-2021-45232 | vulnonym |
| 2021-12-27 17:42:05 | CVE-2021-45232 In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framew… https://t.co/K7M0siC48t https://twitter.com/i/web/status/1475519791196745730 | VulmonFeeds |
| 2021-12-27 17:31:53 | New post from https://t.co/uXvPWJy6tj (CVE-2021-45232) has been published on https://t.co/amupPFpe5G http://www.sesin.at https://www.sesin.at/2021/12/27/cve-2021-45232/ | WolfgangSesin |
| 2021-12-27 17:31:28 | New post from https://t.co/9KYxtdZjkl (CVE-2021-45232) has been published on https://t.co/3ZqfVreNGg http://www.sesin.at https://www.sesin.at/2021/12/27/cve-2021-45232/ | www_sesin_at |
| 2021-12-27 17:00:27 | CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access: Posted by JunXu Chen on Dec… https://t.co/IsKeFkRDE3 https://twitter.com/i/web/status/1475509289385009160 | oss_security |
| 2021-12-27 16:00:38 | Potentially Critical CVE Detected! CVE-2021-45232 Description: In Apache APISIX Dashboard before 2.10.1, the Manage… https://t.co/sAJ4koPyhr https://twitter.com/i/web/status/1475495741812617222 | Robo_Alerts |
| 2021-12-27 15:51:37 | CVE-2021-45232 In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framewo… https://t.co/ESNennNPC3 https://twitter.com/i/web/status/1475492953967714304 | CVEnew |
| 2021-12-27 15:20:08 | CVE-2021-45232 : In #Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces fram… https://t.co/mTHsHR6EQS https://twitter.com/i/web/status/1475484321997803525 | CVEreport |