0x01 Vulnerability description
Apache ShenYu is a scalable, high-performance, and responsive API gateway solution for all microservice scenarios.
Apache ShenYu Admin has an authentication bypass vulnerability (CVE-2021-37580) with a CVSS score of 9.8. Because ShenyuAdminBootstrap uses JWT incorrectly, an attacker can bypass authentication and gain direct access to the admin backend through this vulnerability.
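The advisory attributes the bypass to incorrect JWT handling but does not describe the defect itself. The following Python example is added here to illustrate the general class of mistake behind "wrong use of JWT" and its hardened counterpart; it is not ShenYu's code, says nothing about how ShenYu's own check was written, and uses a constructed secret and a constructed "userName" claim purely for demonstration. The insecure function trusts the claims without checking the signature, so a token minted under any key (or with "alg":"none") is accepted; the hardened function pins the algorithm, verifies the HMAC in constant time and enforces expiry.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore padding before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_token(claims: dict, secret: bytes, alg: str = "HS256") -> str:
    # Mint a token (used here only to build sample inputs for the demo).
    header = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    if alg == "none":
        return f"{header}.{payload}."  # unsigned token: empty signature segment
    sig = hmac.new(secret, signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def insecure_user_from_token(token: str) -> Optional[str]:
    # Vulnerable pattern: read the claims without ever checking the signature.
    # Whoever can encode JSON can be "admin"; this is the failure mode to avoid.
    try:
        _, payload, _ = token.split(".")
        return json.loads(_b64url_decode(payload)).get("userName")
    except ValueError:
        return None


def verified_user_from_token(token: str, secret: bytes, now: Optional[float] = None) -> Optional[str]:
    # Hardened pattern: accept a token only if the algorithm is the one we issue,
    # the HMAC over header.payload matches under our key, and it has not expired.
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":
            return None  # refuses "none" and any algorithm-switching attempt
        signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
        expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:  # covers malformed base64, bad JSON and wrong segment count
        return None
    current = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= current:
        return None
    return claims.get("userName")


def demo() -> dict:
    # Constructed inputs: a real-looking token, one signed with the wrong key,
    # an expired one, and an unsigned "alg":"none" one.
    secret = b"constructed-example-secret"
    now = 1_700_000_000
    good = make_token({"userName": "admin", "exp": now + 3600}, secret)
    forged = make_token({"userName": "admin", "exp": now + 3600}, b"attacker-chosen-key")
    expired = make_token({"userName": "admin", "exp": now - 1}, secret)
    unsigned = make_token({"userName": "admin", "exp": now + 3600}, b"", alg="none")
    return {
        "insecure_accepts_forged": insecure_user_from_token(forged),
        "insecure_accepts_unsigned": insecure_user_from_token(unsigned),
        "verified_accepts_good": verified_user_from_token(good, secret, now),
        "verified_rejects_forged": verified_user_from_token(forged, secret, now),
        "verified_rejects_expired": verified_user_from_token(expired, secret, now),
        "verified_rejects_unsigned": verified_user_from_token(unsigned, secret, now),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result!r}")
```

When reviewing a gateway's admin authentication, the questions this example turns into code are the ones worth asking: is the signature actually verified before any claim is read, is the algorithm pinned rather than taken from the token header, and is expiry enforced.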
0x02 Affected versions
Apache ShenYu 2.3.0
Apache ShenYu 2.4.0
0x03 Vulnerability reproduction
Fofa search query:
body="id="httpPath""&&body="th:text="${domain}""
Verification PoC:
/dashboardUser
0x04 Remediation
Upgrade to the latest version.