cve-2022-24112
Vulnerability from cvelistv5
Published
2022-02-11 12:20
Modified
2024-08-03 03:59
Severity ?
Summary
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
References
security@apache.orghttp://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.htmlExploit, Third Party Advisory, VDB Entry
security@apache.orghttp://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.htmlExploit, Third Party Advisory, VDB Entry
security@apache.orghttp://www.openwall.com/lists/oss-security/2022/02/11/3Mailing List, Mitigation, Third Party Advisory
security@apache.orghttps://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94Mailing List, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2022/02/11/3Mailing List, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94Mailing List, Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog

Date added: 2022-08-25

Due date: 2022-09-15

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94; https://nvd.nist.gov/vuln/detail/CVE-2022-24112

Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:59:23.660Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94"
          },
          {
            "name": "[oss-security] 20220211 CVE-2022-24112: Apache APISIX: apisix/batch-requests plugin allows overwriting the X-REAL-IP header",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/02/11/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache APISIX",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.12.1",
              "status": "affected",
              "version": "Apache APISIX 2.12",
              "versionType": "custom"
            },
            {
              "lessThan": "2.10.4",
              "status": "affected",
              "version": "Apache APISIX 2.10",
              "versionType": "custom"
            },
            {
              "lessThan": "Apache APISIX 1*",
              "status": "affected",
              "version": "1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Original discovery by Real World CTF at Chaitin Tech. Reported by Sauercloud."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX\u0027s data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "other": "high"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290 Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-16T18:06:16",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94"
        },
        {
          "name": "[oss-security] 20220211 CVE-2022-24112: Apache APISIX: apisix/batch-requests plugin allows overwriting the X-REAL-IP header",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/02/11/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "apisix/batch-requests plugin allows overwriting the X-REAL-IP header",
      "workarounds": [
        {
          "lang": "en",
          "value": "1. explicitly configure the enabled plugins in `conf/config.yaml`, ensure `batch-requests` is disabled. (Or just comment out `batch-requests` in `conf/config-default.yaml`)\nOr\n1. upgrade to 2.10.4 or 2.12.1."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2022-24112",
          "STATE": "PUBLIC",
          "TITLE": "apisix/batch-requests plugin allows overwriting the X-REAL-IP header"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache APISIX",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Apache APISIX 2.12",
                            "version_value": "2.12.1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Apache APISIX 2.10",
                            "version_value": "2.10.4"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache APISIX 1",
                            "version_value": "1.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Original discovery by Real World CTF at Chaitin Tech. Reported by Sauercloud."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX\u0027s data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {
            "other": "high"
          }
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-290 Authentication Bypass by Spoofing"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94"
            },
            {
              "name": "[oss-security] 20220211 CVE-2022-24112: Apache APISIX: apisix/batch-requests plugin allows overwriting the X-REAL-IP header",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/02/11/3"
            },
            {
              "name": "http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "1. explicitly configure the enabled plugins in `conf/config.yaml`, ensure `batch-requests` is disabled. (Or just comment out `batch-requests` in `conf/config-default.yaml`)\nOr\n1. upgrade to 2.10.4 or 2.12.1."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-24112",
    "datePublished": "2022-02-11T12:20:13",
    "dateReserved": "2022-01-28T00:00:00",
    "dateUpdated": "2024-08-03T03:59:23.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-24112",
      "cwes": "[\"CWE-290\"]",
      "dateAdded": "2022-08-25",
      "dueDate": "2022-09-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94;  https://nvd.nist.gov/vuln/detail/CVE-2022-24112",
      "product": "APISIX",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.",
      "vendorProject": "Apache",
      "vulnerabilityName": "Apache APISIX Authentication Bypass Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-09-15",
      "cisaExploitAdd": "2022-08-25",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Apache APISIX Authentication Bypass Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.10.4\", \"matchCriteriaId\": \"DA41EFA2-1D6E-4D57-89BC-F8A96D684F23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.11.0\", \"versionEndExcluding\": \"2.12.1\", \"matchCriteriaId\": \"8F0B2998-1638-42BC-8585-9AF1E137F4CF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX\u0027s data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.\"}, {\"lang\": \"es\", \"value\": \"Un atacante puede abusar del plugin batch-requests para enviar peticiones para omitir la restricci\\u00f3n de IP de la API de administraci\\u00f3n. Una configuraci\\u00f3n por defecto de Apache APISIX (con la clave API por defecto) es vulnerable a una ejecuci\\u00f3n de c\\u00f3digo remota. Cuando ha  sido cambiada la clave de administraci\\u00f3n o ha sido cambiado el puerto de la API de administraci\\u00f3n a un puerto diferente al del panel de datos, el impacto es menor. Pero todav\\u00eda se presenta el riesgo de omitir la restricci\\u00f3n de IP del panel de datos de Apache APISIX. Se presenta una comprobaci\\u00f3n en el plugin de peticiones por lotes que anula la IP del cliente con su IP remota real. Pero debido a un error en el c\\u00f3digo, esta comprobaci\\u00f3n puede ser omitida\"}]",
      "id": "CVE-2022-24112",
      "lastModified": "2024-11-21T06:49:49.803",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-02-11T13:15:08.073",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/02/11/3\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/02/11/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-290\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-290\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-24112\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2022-02-11T13:15:08.073\",\"lastModified\":\"2024-11-21T06:49:49.803\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX\u0027s data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.\"},{\"lang\":\"es\",\"value\":\"Un atacante puede abusar del plugin batch-requests para enviar peticiones para omitir la restricci\u00f3n de IP de la API de administraci\u00f3n. Una configuraci\u00f3n por defecto de Apache APISIX (con la clave API por defecto) es vulnerable a una ejecuci\u00f3n de c\u00f3digo remota. Cuando ha  sido cambiada la clave de administraci\u00f3n o ha sido cambiado el puerto de la API de administraci\u00f3n a un puerto diferente al del panel de datos, el impacto es menor. Pero todav\u00eda se presenta el riesgo de omitir la restricci\u00f3n de IP del panel de datos de Apache APISIX. Se presenta una comprobaci\u00f3n en el plugin de peticiones por lotes que anula la IP del cliente con su IP remota real. Pero debido a un error en el c\u00f3digo, esta comprobaci\u00f3n puede ser omitida\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-08-25\",\"cisaActionDue\":\"2022-09-15\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Apache APISIX Authentication Bypass Vulnerability\",\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.10.4\",\"matchCriteriaId\":\"DA41EFA2-1D6E-4D57-89BC-F8A96D684F23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.11.0\",\"versionEndExcluding\":\"2.12.1\",\"matchCriteriaId\":\"8F0B2998-1638-42BC-8585-9AF1E137F4CF\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/02/11/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/166328/Apache-APISIX-2.12.1-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/02/11/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.