CVE STALKER

CVE-2021-45232

CVSS7
DESCRIPTIONIn Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication.
HEAT SCORE494

WORDS

TWEETS

DATE TWEETS USER
2022-03-09 09:20:32CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability https://t.co/SG85lyfF8f https://t.co/hfqHxQKUnD https://ift.tt/V89BxoC https://ift.tt/9RaJivwbuaqbot
2022-02-25 10:50:14Exploit for Authentication Bypass by Spoofing in #Apache Apisix CVE-2021-45232 CVE-2022-24112 #Hacking #infosec… https://t.co/w19hMqPhEy https://twitter.com/i/web/status/1497161880695156740FragmentedSoul5
2022-02-22 03:50:07问题出在body部分 其次是需要在写入route后需要去访问 然后才会触发,本质上和 CVE-2021-45232 类似,一个是未授权一个是绕过授权,最终都是通过新增恶意route 中的 filter_function 或者 script 来执行 lua 代码sirifu4k1
2022-02-02 13:10:12K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232 https://t.co/ZvTTvroqd6 http://www.ccn-cert.cni.es/component/vulnerabilidades/view/33068.htmlSombreroBlanc0
2022-01-31 22:22:01New post from https://t.co/uXvPWJy6tj (K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232) has been pu… https://t.co/mVw7Z7rDrB http://www.sesin.at https://twitter.com/i/web/status/1488274852507181058WolfgangSesin
2022-01-31 22:21:40New post from https://t.co/9KYxtdZjkl (K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232) has been pu… https://t.co/psXgGeJuIR http://www.sesin.at https://twitter.com/i/web/status/1488274853937491968www_sesin_at
2022-01-20 06:00:16Apache APISIX Exploit CVE-2021-45232 shodan search `title="Apache APISIX"` --fields ip_str,9000 --separator " " |… https://t.co/rYZmZGaiMh https://twitter.com/i/web/status/1484042572054298624betelgeuse120
2022-01-18 18:32:16Apache APISIX Exploit CVE-2021-45232 Credits ~ @0x3n0 shodan search `title="Apache APISIX"` --fields ip_str,9000… https://t.co/pQY6E7u6UG https://twitter.com/i/web/status/1483505209091719168NandanLohitaksh
2022-01-17 01:00:12Apache APISIX Exploit CVE-2021-45232 shodan search `title="Apache APISIX"` --fields ip_str,9000 --separator " " |… https://t.co/hArvQKBn54 https://twitter.com/i/web/status/14828785870576025610x3n0
2022-01-08 16:10:13Mass exploitation of Apache APISIX Dashboard Unauthorized Access Vulnerability | CVE-2021-45232 https://t.co/xKHJtGsaAa https://www.youtube.com/watch?v=wc5TKmh2Y-Yviehgroup
2022-01-08 09:00:10🔴APACHE🔴 Múltiples vulnerabilidades de severidad alta en productos APACHE: CVE-2021-45232,CVE-2021-44548 Más inf… https://t.co/XUv6y0DbRU https://twitter.com/i/web/status/1479738413951631362GrupoICA_Ciber
2022-01-07 15:40:46New post from https://t.co/9KYxtdZjkl (CVE-2021-45232 (apisix_dashboard)) has been published on https://t.co/YBAoNr3DBt http://www.sesin.at https://www.sesin.at/2022/01/07/cve-2021-45232-apisix_dashboard/www_sesin_at
2022-01-07 15:40:29New post from https://t.co/uXvPWJy6tj (CVE-2021-45232 (apisix_dashboard)) has been published on https://t.co/oxEJMyXVhJ http://www.sesin.at https://www.sesin.at/2022/01/07/cve-2021-45232-apisix_dashboard/WolfgangSesin
2022-01-07 14:20:11🚨 NEW: CVE-2021-45232 🚨 In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduce… https://t.co/vaB3YCxAOs https://twitter.com/i/web/status/1479456561240150016threatintelctr
2022-01-07 04:22:00CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability https://t.co/DxuTEwAkyC https://t.co/OviYtDLefG https://ift.tt/34njc5D https://ift.tt/3qSDdbPbuaqbot
2022-01-07 03:30:44CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability https://t.co/DxuTEwAkyC https://t.co/IdIh03HUFk https://ift.tt/34njc5D https://ift.tt/3qY6vWybuaqbot
2022-01-07 02:30:23@abbas_heybati Apache APISIX Dashboard(CVE-2021-45232) title="Apache APISIX Dashboard" https://t.co/5t0zf5lCem https://fofa.so/result?qbase64=dGl0bGU9IkFwYWNoZSBBUElTSVggRGFzaGJvYXJkIg%3D%3Dfofabot
2022-01-06 11:10:05CVE-2021-45232 - Apache / APISIX - Missing authentication for critical function - https://t.co/3h6E4BABUE #Uncategorized #cybersecurity https://www.redpacketsecurity.com/cve-2021-45232-apache-apisix-missing-authentication-for-critical-function/RedPacketSec
2022-01-06 07:40:10CVE-2021-45232漏洞分析 https://t.co/2Zg09auH6G https://t.co/AezfO7bv97 https://ift.tt/3qN2dBk https://ift.tt/3zpSPHHbuaqbot
2022-01-06 00:30:12Exploit for CVE-2021-45232 https://t.co/kBuZ9gewEu #Exploit #Sploitus https://sploitus.com/exploit?id=3D7A27ED-A78A-5AB2-B693-3A29650CF6DAsploitus_com
2022-01-05 04:40:06New Video on Mass exploitation of Apache APISIX Dashboard Unauthorized Access Vulnerability (CVE-2021-45232) is OUT… https://t.co/zlAXmSeOiR https://twitter.com/i/web/status/1478587058444595201simrotion13
2022-01-04 19:30:09Video on Mass exploitation of Apache APISIX Dashboard Unauthorized Access Vulnerability (CVE-2021-45232) will out s… https://t.co/v5c1sKpMFf https://twitter.com/i/web/status/1478446897446768640simrotion13
2022-01-04 08:20:27GitHub - shakeman8/CVE-2021-45232-RCE: CVE-2021-45232 RCE https://t.co/r2ouUhD5Rg https://github.com/shakeman8/CVE-2021-45232-RCESecurityblog
2022-01-02 07:20:24CVE-2021-45232 Apache Apisix-Dashboard Unauth to #RCE #bugbounty #bugbountytips - https://t.co/V5XNhSGZsk https://t.co/0wXHRrESE4 https://t.me/PentestingNews/16512PentestingN
2021-12-31 06:20:10#CVE-2021-45232 Apache Apisix-Dashboard Unauth to #RCE #bugbounty #bugbountytips https://t.co/zF3eUxd2Ssnxtexploit
2021-12-31 01:00:05#CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Fofa: title="Apache APISIX Dashboard"… https://t.co/pwkvihqwzV https://twitter.com/i/web/status/1476718591357587456zhiji39688749
2021-12-30 15:07:41#CVE-2021-45232 Apache Apisix-Dashboard Unauth to RCE https://t.co/eBA2vQ5jPYjas502n
2021-12-29 20:50:13Explaining CVE-2021-45232: In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and intro… https://t.co/arGay4nf5U https://twitter.com/i/web/status/14762938738068439050xShervin
2021-12-29 16:10:36#CVE CVE-2021-45232 Apache apisix Dashboard api Authentication bypass http://target:port/apisix/admin/migrate/expor… https://t.co/C7ozBgw0md https://twitter.com/i/web/status/1476221491637280776abbas_heybati
2021-12-29 15:13:54CVE-2021-45232 https://t.co/hM9h4IyDGv #HarsiaInfo https://har-sia.info/CVE-2021-45232.htmlHar_sia
2021-12-29 10:21:22CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/sgs1rZkgJk CVE-2021-… https://t.co/AUeAgY46Ku https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ https://twitter.com/i/web/status/1476134430494371846PentestingN
2021-12-29 10:10:27Forwarded from @Leakinfo ​Обход аутентификации в панели мониторинга Apache APISIX (CVE-2021-45232) Apache APISIX D… https://t.co/KGJsyWsY2v https://twitter.com/i/web/status/1476132361880412165gebutcher
2021-12-29 09:26:31#bugbountytips #bugbounty CVE-2021-45232 Apache APISIX Dashboard Unauthenticated Remote Code Execution #RCE https://t.co/L4cI1JeyuVcycatz2
2021-12-29 08:54:05CVE-2021-45232 Apache APISIX Dashboard api Unauthorized access {{RootURL}}/apisix/admin/migrate/exportAran15042440
2021-12-29 08:15:06CVE-2021-45232 Apache APISIX Dashboard Unauth cation RCE... Version: < 2.10.1 https://t.co/iAFpPDo47Yr0cky6861636b
2021-12-29 07:40:37CVE-2021-45232 Apache apisix Dashboard api unauth RCE https://t.co/N2LbLq2fEQ https://t.co/Tw09Bgh7VK #exploit… https://t.co/bTsqrIqVl2 https://github.com/shakeman8/CVE-2021-45232-RCE https://github.com/badboycxcc/CVE-2021-45232-POC https://twitter.com/i/web/status/1476094768086241283hack_git
2021-12-29 07:30:18CVE-2021-45232 Apache APISIX Dashboard unauthorized access Apache APISIX Dashboard < 2.10.1… https://t.co/tQGwA9WzAy https://twitter.com/i/web/status/14760918363308236820x0021h
2021-12-29 07:02:14CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/lmOkWpkob7 #infosec… https://t.co/vsCymRgNUY https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ https://twitter.com/i/web/status/1476084798259032064beingsheerazali
2021-12-29 06:53:14CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/YWUO2mZLkx https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/Dinosn
2021-12-29 05:10:38#exploit 1. CVE-2021-45232: Apache apisix Dashboard api unauth RCE https://t.co/WH87tVcxcw https://t.co/Fa3Ra8lXpI… https://t.co/6mMNj1Hot5 https://github.com/shakeman8/CVE-2021-45232-RCE https://github.com/badboycxcc/CVE-2021-45232-POC https://twitter.com/i/web/status/1476055431239905280ksg93rd
2021-12-29 02:30:13CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/do9hehjbQQ #opensource… https://t.co/eTjAZoSilv https://securityonline.info/cve-2021-45232-apache-apisix-dashboard-unauthorized-access-vulnerability/ https://twitter.com/i/web/status/1476016405376122880the_yellow_fall
2021-12-29 02:30:09CVE-2021-45232: Apache APISIX Dashboard Unauthorized Access Vulnerability Alert https://t.co/5LNH6CSeyw https://t.co/SvkF16Rpit http://dlvr.it/SG9zcwAcooEdi
2021-12-29 02:13:12#CVE CVE-2021-45232 #RCE Apache APISIX Dashboard Unauth cation RCE import bak file with filter_funct to RCE https://t.co/rSlWpwSYgKsirifu4k1
2021-12-28 22:43:53CVE-2021-45232 Apache APISIX Dashboard https://t.co/AfBuC7afpb #CVE #Apache - https://t.co/feQN0SpzEP https://t.co/zAAe2oabFU https://github.com/pingpongcult/CVE-2021-45232 https://t.me/hackgit/2713hack_git
2021-12-28 15:10:13CVE-2021-45232 https://t.co/hM9h4IyDGv #HarsiaInfo https://har-sia.info/CVE-2021-45232.htmlHar_sia
2021-12-28 14:40:13🚨🚨 NEW CVE CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access Severity: high https://t.co/i046iwvCIFMohamed87Khayat
2021-12-28 14:10:05CVE-2021-45232 #nuclei template search on github is a great ways to found vuln https://t.co/8R3w6xX4Ka https://github.com/projectdiscovery/nuclei-templates/pull/3437sirifu4k1
2021-12-28 14:00:06#CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/5iPaXgP3pG https://twitter.com/i/web/status/1475827857733525518zhukaipi
2021-12-28 13:40:09GitHub - pingpongcult/CVE-2021-45232 - https://t.co/Zn56Dg8Si1 https://github.com/pingpongcult/CVE-2021-45232piedpiper1616
2021-12-28 13:10:14#CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/ZcvHRUKbQ7 https://twitter.com/i/web/status/1475815478916710404cx10834915
2021-12-28 12:30:13#CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/KtQFATxQ8m https://twitter.com/i/web/status/1475804838495940609sirifu4k1
2021-12-28 12:10:13#CVE CVE-2021-45232 Apache apisix Dashboard api unauth rce Version: < 2.10.1 Fofa: title="Apache APISIX Dashboard"… https://t.co/X4D9K1Fq7C https://twitter.com/i/web/status/1475799108812419073zhzyker
2021-12-28 08:00:25Apache APISIX Dashboard(CVE-2021-45232) title="Apache APISIX Dashboard" https://t.co/5t0zf5lCem #APISIX… https://t.co/09RYWEEe8k https://fofa.so/result?qbase64=dGl0bGU9IkFwYWNoZSBBUElTSVggRGFzaGJvYXJkIg%3D%3D https://twitter.com/i/web/status/1475736466768556032fofabot
2021-12-28 06:31:58CVE-2021-45232 Unauthorized https://t.co/ZUcb3LGLHX403Timeout
2021-12-27 19:20:23Hi, I'm CVE-2021-45232. I was never good with numbers though, so you can call me Verdant Bever https://t.co/blVSiAnCxY https://nvd.nist.gov/vuln/detail/CVE-2021-45232vulnonym
2021-12-27 17:42:05CVE-2021-45232 In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framew… https://t.co/K7M0siC48t https://twitter.com/i/web/status/1475519791196745730VulmonFeeds
2021-12-27 17:31:53New post from https://t.co/uXvPWJy6tj (CVE-2021-45232) has been published on https://t.co/amupPFpe5G http://www.sesin.at https://www.sesin.at/2021/12/27/cve-2021-45232/WolfgangSesin
2021-12-27 17:31:28New post from https://t.co/9KYxtdZjkl (CVE-2021-45232) has been published on https://t.co/3ZqfVreNGg http://www.sesin.at https://www.sesin.at/2021/12/27/cve-2021-45232/www_sesin_at
2021-12-27 17:00:27CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access: Posted by JunXu Chen on Dec… https://t.co/IsKeFkRDE3 https://twitter.com/i/web/status/1475509289385009160oss_security
2021-12-27 16:00:38Potentially Critical CVE Detected! CVE-2021-45232 Description: In Apache APISIX Dashboard before 2.10.1, the Manage… https://t.co/sAJ4koPyhr https://twitter.com/i/web/status/1475495741812617222Robo_Alerts
2021-12-27 15:51:37CVE-2021-45232 In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framewo… https://t.co/ESNennNPC3 https://twitter.com/i/web/status/1475492953967714304CVEnew
2021-12-27 15:20:08CVE-2021-45232 : In #Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces fram… https://t.co/mTHsHR6EQS https://twitter.com/i/web/status/1475484321997803525CVEreport