Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-37580 PoC — Apache ShenYu 授权问题漏洞

Source
https://github.com/ZororoZ/CVE-2021-37580
Associated Vulnerability
Title:Apache ShenYu 授权问题漏洞 (CVE-2021-37580)
Description:Apache ShenYu是美国阿帕奇(Apache)基金会的一个异步的,高性能的,跨语言的,响应式的 API 网关。 Apache ShenYu Admin 存在授权问题漏洞,该漏洞源于ShenyuAdminBootstrap 中 JWT 的错误使用允许攻击者绕过身份验证。
Readme
# CVE-2021-37580

## 支持单独和批量验证CVE-2021-37580漏洞
### 单个url检测:
![image](https://user-images.githubusercontent.com/46238787/142592186-7026abd2-0a8e-4f91-99ac-1772c190b7d7.png)
### 文件批量验证:
![image](https://user-images.githubusercontent.com/46238787/142592762-f36fbfe7-59d9-426b-a3df-dc571599baef.png)
File Snapshot

 [4.0K]  /data/pocs/72e2e5f8b15556019a3c7d78fd348dd5b2eda6f4
├── [1.2K]  Apache ShenYu Admin authentication bypass vulnerability_Poc.py
└── [ 343]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.