Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Anubis has a bot protection bypass when a sophisticated attacker asks to pass a challenge of difficulty 0
Vulnerability Description
Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulates any nonce (such as 42069), and then passes the challenge with difficulty zero. Commit e09d0226a628f04b1d80fd83bee777894a45cd02 fixes this behavior by not using a client-specified difficulty value.
CVSS Information
N/A
Vulnerability Type
在安全决策中依赖未经信任的输入
Vulnerability Title
Anubis 安全漏洞
Vulnerability Description
Anubis是Xe Iaso个人开发者的一个工具。 Anubis存在安全漏洞,该漏洞源于允许管理员通过机器人检查启发式算法和工作量证明挑战来保护机器人免受AI抓取工具的攻击,从而阻止来自多个IP地址的抓取。
CVSS Information
N/A
Vulnerability Type
N/A